directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn McKinney <>
Subject Re: [Apache Fortress] [FC-144] Questions on implementation of Role-to-Group relationship
Date Tue, 23 Aug 2016 12:22:59 GMT

> On Aug 23, 2016, at 6:52 AM, Vyacheslav Vakhlyuev <> wrote:
>> "Now that I think more, the userroles may need boolean isGroup field, in
>> addition to session, so that it is clear the value in userid field maps to
>> group name."
> Wouldn't this confuse clients-side programmers? Would it be a good idea to
> rename it to "memberId" and introduce a switch?

Yes it is confusing.  The name of the entity class userroles, is as well.  Let’s think about
it a bit more, we’ll figure something out. 

> On Aug 23, 2016, at 6:52 AM, Vyacheslav Vakhlyuev <> wrote:
> "I don’t think we have to modify the ldap schema at all.  The current group
>> object class should work.  Again it will contains role dn’s instead of user
>> dn’s.  The only question in my mind is should we add a new container, i.e.
>> ou=rolegroups.  I am leaning towards ‘yes’."
> I'm not quite clear why we might need this container. Could you please
> explain? I.e. we still should be able to search for Role groups in groups
> container by filtering with memberId and type attributes.

The new container, i.e. ou=rolegroups, isn’t strictly needed.  It could reside alongside
the user groups under the ou=groups container and be filtered just as you say.  The separation
would be for clarity.

> On Aug 23, 2016, at 6:52 AM, Vyacheslav Vakhlyuev <> wrote:
> "You will want to get comfortable running the junit tests.  Any new methods
>> will need tests to verify their functionality.  Will mirantis be
>> contributing this code?"
> I will definitely cover new code with tests. Also, I was trying to assign
> to myself, but it seems that I
> don't have permissions.

Vyacheslav you have been added as a contributor of this project (in JIRA) and the ticket has
been assigned to you.  Welcome aboard!

View raw message