3 Replies Latest reply on May 7, 2009 2:23 AM by Boleslaw Dawidowicz

    Identity Management integration with JBossAS5.

    Jeff Yu Master

      With the latest code from trunk, run the

      mvn clean install -Pdistro

      and then from the distro/target, run:
      java -jar jbidm-1.0.0-SNAPSHOT.jar

      you will be able to deploy the identity management module into JBoss AS5.

      The tasks that the integration and distro module did are as following:

      1. Generate the database schema in the build time.
      2. Start the IdentitySessionFactory from the META-INF/idm-service-jboss-beans.xml in the JBoss AS5.
      3. Register and the IdentitySessionFactory in the JNDI.

      The file structure for the idm-service.sar is:
      idm-service.sar
       |--idm-sql
       |---------jboss.idm.hsql.create.sql
       |---META-INF
       |---------idm-service-jboss-beans.xml
       |----jboss-idm.xml
       |----jboss.idm.hibernate.cfg.xml


      the content of idm-service-jboss-beans.xml is:

      <bean name="jboss.identity.IDMService"
       class="org.jboss.identity.idm.integration.jboss5.IDMService">
       <constructor>
       <parameter>jboss-idm.xml</parameter>
       </constructor>
       <property name="idmSessionFactoryJNDI">java:/IdentitySessionFactory</property>
       <property name="SQLScript">idm-sql/jboss.idm.hsql.create.sql</property>
       <property name="datasource">java:jbossidmDS</property>
       <property name="exitSQL">select * from jbid_io</property>
       <depends>jboss.jca:service=DataSourceBinding,name=jbossidmDS</depends>
       </bean>



      So, in this case, we installed the default identity management module in the JBoss AS5. other projects who want to use the idm (like jBPM4) can get the IdentitySessionFactory can get it through the jndi.

      This is one way to use the identity management, say using the sharing/default one.

      Another two scenarios that I can see is:

      1. Use it in the embedded way, they want to create the database table schemas in its own database, instead of the sharing one. AFAIK like portal. It will start the identitySessionFactory through the API. In this case, I don't think we need to any integration for it.

      2. Use it in the standalone but with its own repository(database) back-end. say like SOA-Repository(Guvnor) project, it has defined its own guvnor-idm.xml configuration file for the jboss identity. In this case, users need to do as following to start the IdentitySessionFactory. Users just have to write a *-jboss-beans.xml, like what we did for the idm-service.sar, and then can populate the database schema to target DB, and register the IdentitySessionFactory into the specified JNDI.

      Above all, I don't think we need to write the deployer for -idm.xml(configuration file for identity management) at the moment. However, I do think we need to put the idm related jars in a folder that other artifacts can depends on, so that they don't need to have the duplicated idm libraries. (as of writing, I think can can specify other artifacts depends on the idm-service.sar, so that all of libraries in the idm-service.sar can be seen in the artifact, but haven't tried it yet.)

      So, above is what I have & thought about the integration, did I miss something here, or which way will you use the jboss identity project?

      Any comments and suggestions are welcome.