[security-dev] no API for managing EntityManagers
Bill Burke
bburke at redhat.com
Mon Jul 8 10:52:16 EDT 2013
I've already stated this, but I'll state it again.

If you want to use the JPA store, your application requires specific
knowledge that it is using a JPA store, on multiple levels:
IdentityManagerFactory creation as well as each time you interact with
an IdentityManager. For JPA, you'll want to begin/commit/rollback, and
you also need to close the underlying EntityManager. I don't think JPA
will be alone in wanting to do this. There may be other stores that
could be transactionally aware i.e. Infinispan, etc.

The ContextInitializer is inadequate because it only handles
initialization and none of the other callbacks I mentioned
(begin/commit/rollback/close/destroy).

Also, I strongly believe you need to expose an abstract "transaction"
interface for the IDM. I suggest the following:

interface IdentityContextFactory {
    IdentityContext createIdentityContext();
    void close();
}

interface IdentityContext {
    void begin();
    void commit();
    void rollback();
    void close();

    Realm getRealm(String id);
    void deleteRealm(Realm realm);
    Realm createRealm(String id);

    Tier getTier(String id);
    void deleteTier(Tier tier);
    Tier createTier(String id);

    PartitionManager createPartitionManager(Partition partition);
    PartitionManager defaultPartitionManager();
}

// really I want to rename IdentityManager
interface PartitionManager extends IdentityManager {
}

interface ContextInitializer {
    void begin(SecurityContext context);
    void commit(SecurityContext context);
    void rollback(SecurityContext context);
    void close(SecurityContext context);
    void initContextForStore(SecurityContext context, IdentityStore<?> store);
}

I'd be happy to implement this so long as I can get any pull request I
create committed sooner than the 25 days my current pull request is
sitting in the queue.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
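
Added example, not part of the original message or the project's code: the begin/commit/rollback/close ordering that the proposed IdentityContext would impose on a caller, using only the lifecycle methods of that interface. TracingContext and inTransaction are hypothetical names, and the context records calls instead of wrapping a real EntityManager.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.function.Consumer;

public class IdentityContextLifecycle {
    // Lifecycle subset of the IdentityContext interface proposed in the message above.
    interface IdentityContext extends AutoCloseable {
        void begin();
        void commit();
        void rollback();
        @Override void close();   // narrowed: no checked exception
    }

    // Hypothetical stand-in for a JPA-backed context: it records each call
    // instead of touching an EntityManager, so the ordering can be inspected.
    static class TracingContext implements IdentityContext {
        final List<String> calls = new ArrayList<>();
        public void begin()    { calls.add("begin"); }
        public void commit()   { calls.add("commit"); }
        public void rollback() { calls.add("rollback"); }
        public void close()    { calls.add("close"); }
    }

    // Hypothetical helper: one unit of identity work per context.
    static void inTransaction(IdentityContext ctx, Consumer<IdentityContext> work) {
        try (IdentityContext c = ctx) {       // close() runs on every path
            c.begin();
            try {
                work.accept(c);
                c.commit();
            } catch (RuntimeException e) {
                c.rollback();                 // discard partial identity changes
                throw e;
            }
        }
    }

    public static void main(String[] args) {
        TracingContext ok = new TracingContext();
        inTransaction(ok, c -> { /* e.g. create a realm and its users */ });
        System.out.println(ok.calls);

        TracingContext failed = new TracingContext();
        try {
            inTransaction(failed, c -> { throw new IllegalStateException("constructed failure"); });
        } catch (IllegalStateException expected) { /* already rolled back and closed */ }
        System.out.println(failed.calls);
    }
}
```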