[security-dev] deleting a partition

Bill Burke bburke at redhat.com
Fri Jun 14 14:29:06 EDT 2013



On 6/14/2013 2:19 PM, Pedro Igor Silva wrote:
> Ok, the reason is that this is a critical operation which involves removing critical data. That said, I don't think we should do that, like I said, "automatically".
>

But again, you give no reason :)  Sure, it's critical data, but everything 
in the IDM is critical data.

> You can always use the following construct to query all identity types:
>
> IdentityQuery<IdentityType> query = identityManager.createIdentityQuery(IdentityType.class); // here we use the base type to create the query
>
> query.setParameter(IdentityType.PARTITION, Realm.DEFAULT_REALM); // or query.setParameter(IdentityType.PARTITION, "Another Partition")
>
> List<IdentityType> result = query.getResultList();
>
> for (IdentityType type: result) {
>      // remove
> }
>

So, the above can be done at a higher level and not have to be done at 
each IdentityStore?  There's no potential for duplicate entries in a 
federated store?

> I understand your point and it is valid. My opinion is just we should leave that for users.
>

Who is the user?  The admin UI on top of PicketLink IDM API?

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

