[security-dev] JPA?
Bill Burke
bburke at redhat.com
Tue Jun 11 16:56:24 EDT 2013
Also, IMO, JDBC is more flexible if users need to massage queries or
have different table mappings.
On 6/11/2013 4:53 PM, Bill Burke wrote:
> JPA vs. JDBC isn't a choice, users won't care. Why would app developers
> care either? They should be using management interfaces or the upcoming
> sso server to manage their domains.
>
> On 6/11/2013 4:39 PM, Anil Saldhana wrote:
>> Jason - I will let others chime in their thoughts.
>>
>> We want to support as many Identity Store implementations as possible.
>> We implemented a File Store implementation mainly to aid its usage as
>> the default identity store implementation in WildFly.
>> I have no issues in providing an additional JDBC identity store
>> implementation. It just gives the users more implementations to choose from.
>>
>> From application developers perspective, I think the balance still
>> swings toward JPA. But for Wildfly core authentication using PicketLink
>> IDM, for database backends, JDBC makes sense.
>>
>> It will be at least a couple of months before we attempt a JDBC
>> implementation due to 2.5.0 release. That is why I placed the JIRA issue
>> fix to be 2.5.1. I think this works for Wildfly roadmap.
>>
>> On 06/11/2013 03:14 PM, Jason Greene wrote:
>>> I thought it best to move the discussion on undertow to here.
>>>
>>> Anil opened a JIRA to investigate:
>>> https://issues.jboss.org/browse/PLINK-190
>>>
>>> My concerns are:
>>>
>>> - Initialization Time (JPA has always been expensive in this area)
>>> - Dependency chain problems (if this forces the app server (which at some point might not be limited to Java EE) to have a big chunk of EE just to support database auth)
>>> - Potential increase of memory usage? (in particular if we end up with hibernate using infinispan as a cache which is then double cached at the auth level)
>>>
>>> I guess the main reason for the switch from JDBC is to avoid supporting various DB dialects. However, the following is also true:
>>>
>>> - ANSI SQL-92 is supported by almost everyone, and it allows for portable DML
>>> - IDMs have very simple relational layouts and queries
>>> - It's easy to abstract queries to allow customization by a user
>>>
>> _______________________________________________
>> security-dev mailing list
>> security-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/security-dev
>>
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the security-dev
mailing list