3 Replies Latest reply on Oct 5, 2011 2:31 AM by Luca Cavagnoli

    security - idmconsole navigation

    Richard Barabe Newbie

      When studying idmconsole example and seam-security, I noticed that idmconsole does not provide its own actions(managed beans).  Instead it makes use of classes from the security-impl package (ie, org.jboss.seam.security.management.action.UserAction).  I said to myself that these management actions from seam-security were there to be reused in applications.  However, I'm not sure I understand how these could be reused. 


      If these actions are intended to be reused, does a developper have to cut and paste the navigation rules from the idmconsole example to its own application ? 



      To make a long story short, I'm wondering if the package org.jboss.seam.security.management.action is really meant to be in seam-security-impl or if it instead should it be in the idmconsole example ?

        • 1. Re: security - idmconsole navigation
          Shane Bryzak Master

          The action beans are there as a convenience, mainly because the IdentityManager is no longer there as a result of the move to use PicketLink.  You may use them if you wish in your own application, or write your own.

          • 2. Re: security - idmconsole navigation
            Richard Barabe Newbie

            Ok, they'll be a good sample to make my own.  Thank you Shane, nice work.

            • 3. Re: security - idmconsole navigation
              Luca Cavagnoli Newbie

              Richard Barabé wrote on Mar 10, 2011 13:54:


              When studying idmconsole example and seam-security, I noticed that idmconsole does not provide its own actions(managed beans).  Instead it makes use of classes from the security-impl package (ie, org.jboss.seam.security.management.action.UserAction).  I said to myself that these management actions from seam-security were there to be reused in applications.  However, I'm not sure I understand how these could be reused. 



              The thruth is... they cannot be reused.


              The whole org.jboss.seam.security.management.action contains action beans that are domain-specifc to the idmconsole example. I wonder why are they part of Seam Security 3, rather than being in idmconsole's source code.


              Infact, the name 'idmconsole' itself is misleading. I thought the idmconsole example to be a tutorial on how to use PicketLink's API, but I was wrong. It is actually a demonstration on how to map PicketLink's SPI to one's domain model.


              Hence, there are methods such as


              org.jboss.seam.security.management.action.groupSearch.getGroups()



              despite its name, that method doesn't actually fetch all 'groups' - giving the word 'group' the meaning described in PicketLink IDM's documentation. Instead, it return the list of what is intended as 'group' in idmconsole's specific domain model.