[security-dev] lookupIdentityById requires preconfigured Tiers

Bill Burke bburke at redhat.com
Wed Jul 10 21:01:27 EDT 2013 

I have contributors blocked on me waiting to get a first iteration of 
the backend of my new project.   I don't need a release, just something 
usable on the JPA side of things.   If anything is usable, I can start 
banging on it and help fix bugs or at least identify problems.

Otherwise, I'll continue improving my git fork of Picketlink to support 
my work.  In the least it will allow me to further learn the current 
(albeit obsolete) Picketlink code and help flush out and find more use 
cases/problems.

On 7/10/2013 7:55 PM, Shane Bryzak wrote:
> Bill, you've got to wait until we've merged the PLINK-130 changes back
> into trunk - pretty much everything has changed now, and we're working
> extremely hard to get another beta out shortly.  If you want to get a
> feel for what has changed, the merge branch is here:
>
> https://github.com/picketlink/picketlink/tree/merge/PLINK-130
>
> By the way we're code-naming the next release "Bill", because it was
> your use cases that drove all the changes.  Hopefully the work we've
> done is going to meet your requirements much better than before.
>
> On 11/07/13 09:45, Bill Burke wrote:
>> Ok, I was going to add a getPartitions() method to IdentityStore, but
>> this just won't scale.  Instead I changed
>> DefaultIdentityManager.checkIfIdentityTypeExists() to take into account
>> the identityType's partition id if it is set.  This fixes my grantRole()
>> problem.
>>
>> The question is on whether IdentityManager.lookupIdentityById() needs to
>> be fixed.  If this method is supposed to be scoped to the partition,
>> then its ok, otherwise it will need to be fixed.
>>
>> On 7/10/2013 7:12 PM, Bill Burke wrote:
>>> A problem I just ran into with my dynamic tier creation/deletion is that
>>> DefaultIdnetityManager.lookupIdentityById() requires that tiers be
>>> preconfigured and listed in the store's config.  So, if you're doing a
>>> realm.grantRole() for a dynamically created Tier-based Role, it won't
>>> work :(
>>>
>>> I'm working on a fix now.
>>>
>
>
>
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the security-dev mailing list