3 Replies Latest reply on Dec 8, 2011 5:51 PM by lightguard

    Seam 3 Security JpaIdentityStoreConfiguration

    tehackio

      Can anyone explain to me why, on relationshipClass (the entity class that contains relationships between identity objects), the name property @IdentityProperty(PropertyType.NAME) is not a type, i.e. a lookup relationship to roleTypeClass (the entity class that contains the names of all role types)?

        • 1. Re: Seam 3 Security JpaIdentityStoreConfiguration
          bram666
          Right,

          The relationship type is the kind of relationship we are talking about; in the demos there are usually 2 types: JBOSS_IDENTITY_ROLE and JBOSS_IDENTITY_MEMBERSHIP_ROLE.

          The name is the id (same as in the identityobject) of the relationship; in the demo it is the "admin" and "manager" of the relationship type "JBOSS_IDENTITY_ROLE".

          So you can have different relationships of the same type associating 2 identity objects. In most implementations of user/role groups, the 'type' of the roles and groups is not in the model and you just have the class 'role' with a name. Here you can have different 'role' types (like groups, roles, permissions, friends) and you don't have to change the model by adding a new entity.

          regards

          Bram
          • 2. Re: Seam 3 Security JpaIdentityStoreConfiguration
            tehackio
            insert into IdentityRoleName(id, name) values (1, 'admin');
            insert into IdentityRoleName(id, name) values (2, 'manager');
            
            insert into IdentityObjectType(id, name) values (1, 'USER');
            insert into IdentityObjectType(id, name) values (2, 'GROUP');
            
            insert into IdentityObject (id, name, identity_object_type_id) values (1, 'shane', 1);
            insert into IdentityObject (id, name, identity_object_type_id) values (2, 'demo', 1);
            insert into IdentityObject (id, name, identity_object_type_id) values (3, 'Head Office', 2);
            insert into IdentityObject (id, name, identity_object_type_id) values (4, 'foo', 1);
            
            insert into IdentityObjectCredentialType (id, name) values (1, 'PASSWORD');
            
            insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value) values (1, 1, 1, 'password');
            insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value) values (2, 2, 1, 'demo');
            
            insert into IdentityObjectRelationshipType (id, name) values (1, 'JBOSS_IDENTITY_MEMBERSHIP');
            insert into IdentityObjectRelationshipType (id, name) values (2, 'JBOSS_IDENTITY_ROLE');
            
            insert into IdentityObjectRelationship (id, name, relationship_type_id, from_identity_id, to_identity_id) values (1, 'admin', 2, 3, 2);

            I still don't understand. What are IdentityRoleName and IdentityObjectRelationshipType for?
            Can the name field on IdentityObjectRelationship be duplicated across more than one record? Why not put these values in one table and do a lookup?

            identitySession.getRoleManager().findRoles(u, roleType) returns null if I modify the JBOSS_IDENTITY_MEMBERSHIP and JBOSS_IDENTITY_ROLE values.

            • 3. Re: Seam 3 Security JpaIdentityStoreConfiguration
              lightguard

              These are all for the PicketLink IDM, which Seam Security uses. Many times, when a separate table is being used, it can be placed on the same table as the other information, such as credential and credential type, or the relationship and relationship type. I'd send you to the PicketLink documentation, but it's very poor.
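
Added example (not part of the thread, and not Seam or PicketLink code): the rows from reply 2 loaded into minimal tables, with queries that resolve a relationship row to readable names and check the two lookup tables the question asks about. Column types and keys are assumptions; the thread shows only the INSERT statements.

```sql
-- Minimal tables for the columns used in reply 2 (types and keys are assumed).
CREATE TABLE IdentityRoleName (id INTEGER PRIMARY KEY, name VARCHAR(255));
CREATE TABLE IdentityObjectType (id INTEGER PRIMARY KEY, name VARCHAR(255));
CREATE TABLE IdentityObject (id INTEGER PRIMARY KEY, name VARCHAR(255), identity_object_type_id INTEGER);
CREATE TABLE IdentityObjectRelationshipType (id INTEGER PRIMARY KEY, name VARCHAR(255));
CREATE TABLE IdentityObjectRelationship (id INTEGER PRIMARY KEY, name VARCHAR(255),
    relationship_type_id INTEGER, from_identity_id INTEGER, to_identity_id INTEGER);

-- Rows copied from reply 2 (credential tables left out; they are not needed here).
INSERT INTO IdentityRoleName (id, name) VALUES (1, 'admin');
INSERT INTO IdentityRoleName (id, name) VALUES (2, 'manager');
INSERT INTO IdentityObjectType (id, name) VALUES (1, 'USER');
INSERT INTO IdentityObjectType (id, name) VALUES (2, 'GROUP');
INSERT INTO IdentityObject (id, name, identity_object_type_id) VALUES (1, 'shane', 1);
INSERT INTO IdentityObject (id, name, identity_object_type_id) VALUES (2, 'demo', 1);
INSERT INTO IdentityObject (id, name, identity_object_type_id) VALUES (3, 'Head Office', 2);
INSERT INTO IdentityObject (id, name, identity_object_type_id) VALUES (4, 'foo', 1);
INSERT INTO IdentityObjectRelationshipType (id, name) VALUES (1, 'JBOSS_IDENTITY_MEMBERSHIP');
INSERT INTO IdentityObjectRelationshipType (id, name) VALUES (2, 'JBOSS_IDENTITY_ROLE');
INSERT INTO IdentityObjectRelationship (id, name, relationship_type_id, from_identity_id, to_identity_id)
    VALUES (1, 'admin', 2, 3, 2);

-- 1. Resolve every relationship row to its type, name and both identity objects.
SELECT rt.name AS relationship_type, r.name AS relationship_name,
       ft.name AS from_type, f.name AS from_object,
       tt.name AS to_type, t.name AS to_object
FROM IdentityObjectRelationship r
JOIN IdentityObjectRelationshipType rt ON rt.id = r.relationship_type_id
JOIN IdentityObject f ON f.id = r.from_identity_id
JOIN IdentityObjectType ft ON ft.id = f.identity_object_type_id
JOIN IdentityObject t ON t.id = r.to_identity_id
JOIN IdentityObjectType tt ON tt.id = t.identity_object_type_id;

-- 2. Role relationships whose name has no row in IdentityRoleName.
--    The name column is free text in this schema, so nothing enforces the match.
SELECT r.id, r.name
FROM IdentityObjectRelationship r
JOIN IdentityObjectRelationshipType rt ON rt.id = r.relationship_type_id
LEFT JOIN IdentityRoleName rn ON rn.name = r.name
WHERE rt.name = 'JBOSS_IDENTITY_ROLE' AND rn.id IS NULL;

-- 3. Relationship type names other than the two used in reply 2; a renamed
--    value shows up here (reply 2 reports findRoles returning null after a rename).
SELECT id, name FROM IdentityObjectRelationshipType
WHERE name NOT IN ('JBOSS_IDENTITY_MEMBERSHIP', 'JBOSS_IDENTITY_ROLE');
```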