Hi All,
I have completed the implementations on $subject and the following content
contains the details about it.
Target Version: IS 5.2.0
*Problems*
- Right now we must define a mapped attribute for each non-wso2 claim in
  order for it to work. Ideally, when we say claim mappings, the
  relationship must be between 2 claims - wso2 and non-wso2. Mapped
  attributes should be defined only for the wso2 claim, and transitively
  they become the mapped attributes for non-wso2 claims.
- Custom metadata cannot be added for a claim. Only the default metadata
  is available for every claim, which is:
  - Display Name
  - Description
  - Regular Expression
  - Display Order
  - Supported by Default
  - Required
  - Read-only
*Objectives*
- Remove the attribute/claim mapping for non-wso2 dialects. Only the WSO2
  dialect will have the attribute mapping. The rest of the dialects will
  refer to the WSO2 claim dialect. When creating a new dialect or new
  claims, a wso2 claim should be selected as the mapped attribute for that
  claim. Therefore we can have claim-to-claim mappings between the wso2
  dialect and other dialects.
- Allow custom metadata to be defined for each claim, other than the
  default metadata.
- Keep only file-based claim mapping on the user.core side, decouple the
  database claim mapping from user.core and move it to the
  identity.claim.mgt side. Only identity.claim.mgt will be aware of the
  metadata info.
- Improve the claim management UI for user store based claims.
*Implementation*
Claim Manager implementation.
[image: Class Diagram - ClaimManager.jpg]
- ClaimManagerFactory will register as an OSGi service and
  ClaimManagerFactory will return a separate ClaimManager instance for each
  tenant.
- user.core will check whether there are any ClaimManagerFactory services
  registered. If not, it will return a new DefaultClaimManager; otherwise it
  will return an IdentityMgtClaimManager for each tenant.
  [image: Factory class.png]
- The DAO functionalities will be removed from user.core and moved to
  Identity claim management.
- The user.core claims will be stored in memory. DefaultClaimManager will
  be a file-based claim manager.
- Reading claim-config.xml and parsing it as a claimConfig object will
  be done by user.core.
- All the CRUD operations with the database will be handled by
  identity.claim.mgt.
- Once the claims are received from user.core, the Identity claim manager
  will categorize the claims (local and additional claims) and prepare claim
  mappings.
Database level changes
- UM_CLAIM table normalized into four tables
  [image: 1.png]
- UM_CLAIM
  [image: 2.png]
- UM_CLAIM_MAPPING, will hold the relationship between local claims and
  other claims
  [image: 3.png]
- UM_CLAIM_MAPPED_ATTRIBUTE, will hold the mapped attributes of local
  claims
  [image: 4.png]
- UM_CLAIM_META_DATA, will hold the metadata information of claims
  [image: 5.png]
user.api changes
- Claim (C) - only contains claimUri, to uniquely identify a given claim,
  and the value of the claim. It previously contained:
  - private String *claimUri*;
  - private boolean readOnly;
  - private boolean checkedAttribute;
  - private String displayTag;
  - private String description;
  - private boolean supportedByDefault;
  - private boolean required;
  - private String regEx;
  - private String dialectURI;
  - private String *value*;
  - private int displayOrder;
- ClaimManager (I) - some methods that were involved with dialects and
  metadata retrieval are removed, which are:
  - ClaimMapping[] getAllRequiredClaimMappings()
  - ClaimMapping[] getAllSupportClaimMappingsByDefault()
  - ClaimMapping[] getAllClaimMappings(String dialectUri)
user.core changes
+ FileBasedClaimbuilder (C) - read claimConfig.xml and prepare claimConfig
objects with claim and meta data information.
+ ClaimManagerFactory (I) - to return tenant-specific claim manager object.
+ ClaimConfig (C) - to hold the claim and meta data info.
identity.claim.mgt.ui
- When creating a new dialect or a new (non-wso2) claim, a wso2 (local)
  claim needs to be selected from the list.
  [image: 6.png]
- Improved claim management UI for user store based claims.
  [image: Untitled-2 copy1.jpg]
Thanks and Regards, Chanuka.
--
Chanuka Dissanayake
*Software Engineer | **WSO2 Inc.*; http://wso2.com
Mobile: +94 71 33 63 596
Email: [email protected]
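
The claim-to-claim mapping described under Objectives, as an added example that is not part of the original e-mail or of WSO2's code: only the local (wso2) claim holds a mapped attribute, and claims in other dialects resolve to it transitively. The class name, method names and sample claim URIs are assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;
// Hypothetical sketch: class and method names are assumptions, not WSO2 APIs.
public class ClaimMappingSketch {
    // Local (wso2) claim URI -> user store attribute. Only local claims carry one.
    private final Map<String, String> mappedAttributes = new HashMap<>();
    // Non-wso2 claim URI -> local claim URI (the claim-to-claim mapping).
    private final Map<String, String> claimMappings = new HashMap<>();

    public void setLocalClaim(String localUri, String attribute) {
        mappedAttributes.put(localUri, attribute);
    }

    public void mapExternalClaim(String externalUri, String localUri) {
        // Refuse a mapping to a local claim that does not exist, so every
        // external claim always resolves to exactly one attribute.
        if (!mappedAttributes.containsKey(localUri)) {
            throw new IllegalArgumentException("Unknown local claim: " + localUri);
        }
        claimMappings.put(externalUri, localUri);
    }

    // Resolve any claim URI to its attribute: external claims go through
    // their local claim, local claims resolve directly.
    public String resolveAttribute(String claimUri) {
        String localUri = claimMappings.getOrDefault(claimUri, claimUri);
        String attribute = mappedAttributes.get(localUri);
        if (attribute == null) {
            throw new IllegalArgumentException("No mapping for claim: " + claimUri);
        }
        return attribute;
    }

    public static void main(String[] args) {
        // Constructed sample values, chosen for illustration.
        String local = "http://wso2.org/claims/emailaddress";
        String soap = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";
        String scim = "urn:scim:schemas:core:1.0:emails";

        ClaimMappingSketch claims = new ClaimMappingSketch();
        claims.setLocalClaim(local, "mail");
        claims.mapExternalClaim(soap, local);
        claims.mapExternalClaim(scim, local);
        System.out.println(claims.resolveAttribute(scim));
        // Changing the local claim's attribute changes it for every mapped claim.
        claims.setLocalClaim(local, "emailAddress");
        System.out.println(claims.resolveAttribute(soap));
    }
}
```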