users@javaee-security-spec.java.net

[javaee-security-spec users] [jsr375-experts] Re: Quick question on IdentityStore annotations

From: arjan tijms <arjan.tijms_at_gmail.com>
Date: Mon, 20 Mar 2017 20:25:43 +0100

Hi Will,

The LdapIdentityStoreDefinition annotation and annotations like that,
function essentially as declarative Bean Factories. They are modelled after
the existing DataSourceDefinition annotation in Java EE.

The annotation can be placed on whatever class seen by CDI. When it's
encountered by the CDI extension responsible for processing it, it causes
another bean to be programmatically introduced into the CDI context with
parameters such as set on the *Definition annotation. The actual type of
the bean is left to the implementation, but it implements the IdentityStore
interface.

This can be seen when looking at the following code from the CdiExtension
class in Soteria:

       Optional<LdapIdentityStoreDefinition> optionalLdapStore =

         getAnnotation(

            beanManager,

            event.getAnnotated(),

            LdapIdentityStoreDefinition.class);


        if (optionalLdapStore.isPresent()) {

            identityStoreBeans.add(new CdiProducer<IdentityStore>()

                    .scope(ApplicationScoped.class)

                    .beanClass(IdentityStore.class)

                    .types(Object.class, IdentityStore.class,
LdapIdentityStore.class)

                    .addToId(LdapIdentityStoreDefinition.class)

                    .create(e -> new LdapIdentityStore(optionalLdapStore
.get()))

            );

        }

So per the above code, if an "LdapIdentityStoreDefinition" annotation is
present, a Bean<T> is programmatically added, with the actual
implementation backed by
"org.glassfish.soteria.identitystores.LdapIdentityStore".

Hope this helps ;)

Kind regards,
Arjan Tijms


On Mon, Mar 20, 2017 at 5:36 PM, Will Hopkins <will.hopkins_at_oracle.com>
wrote:

> Arjan, et al.:
>
> How are those meant to be used? What class would be annotated with, e.g.,
> LdapIdentityStoreDefinition, and what is the intended effect? Are they used
> only to configured the container-provided default impls? Only
> application-supplied impls? If the latter, does that mean that the
> container-supplied impls are always configured by the container (and not
> configurable by users)?
>
> Sorry if I'm being dense here, but don't understand the model.
>
> Thanks,
>
> Will
>
> --
> Will Hopkins | WebLogic Security Architect | +1.781.442.0310 <(781)%20442-0310>
> Oracle Application Development
> 35 Network Drive, Burlington, MA 01803
>
>