[security-dev] lookupIdentityById requires preconfigured Tiers
Shane Bryzak
sbryzak at redhat.com
Wed Jul 10 19:55:09 EDT 2013
Bill, you've got to wait until we've merged the PLINK-130 changes back
into trunk - pretty much everything has changed now, and we're working
extremely hard to get another beta out shortly. If you want to get a
feel for what has changed, the merge branch is here:
https://github.com/picketlink/picketlink/tree/merge/PLINK-130
By the way we're code-naming the next release "Bill", because it was
your use cases that drove all the changes. Hopefully the work we've
done is going to meet your requirements much better than before.
On 11/07/13 09:45, Bill Burke wrote:
> Ok, I was going to add a getPartitions() method to IdentityStore, but
> this just won't scale. Instead I changed
> DefaultIdentityManager.checkIfIdentityTypeExists() to take into account
> the identityType's partition id if it is set. This fixes my grantRole()
> problem.
>
> The question is on whether IdentityManager.lookupIdentityById() needs to
> be fixed. If this method is supposed to be scoped to the partition,
> then its ok, otherwise it will need to be fixed.
>
> On 7/10/2013 7:12 PM, Bill Burke wrote:
>> A problem I just ran into with my dynamic tier creation/deletion is that
>> DefaultIdnetityManager.lookupIdentityById() requires that tiers be
>> preconfigured and listed in the store's config. So, if you're doing a
>> realm.grantRole() for a dynamically created Tier-based Role, it won't
>> work :(
>>
>> I'm working on a fix now.
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20130711/70168b64/attachment.html
More information about the security-dev
mailing list