JBoss.org Community Documentation
This part is represented by the <stores><identity-store>... element.
<stores>
  <attribute-stores/>
  <identity-stores>
    <identity-store> ... </identity-store>
    <identity-store> ... </identity-store>
  </identity-stores>
</stores>
The <stores/> element contains <identity-store> and <attribute-store> elements. Currently the <attribute-store> configuration is ignored, so only <identity-store> elements can be configured.
<identity-store>
  <id>Sample Hibernate Store</id>
  <class>org.picketlink.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
  <external-config/>
  <supported-relationship-types>
    <relationship-type>
      JBOSS_IDENTITY_MEMBERSHIP
    </relationship-type>
    <relationship-type>
      JBOSS_IDENTITY_ROLE
    </relationship-type>
  </supported-relationship-types>
  <supported-identity-object-types>
    <identity-object-type>
      ...
    </identity-object-type>
    ...
    <identity-object-type>
      ...
    </identity-object-type>
  </supported-identity-object-types>
  <options>
    <option>
      <name>persistenceUnit</name>
      <value>jboss-identity-model-xxx</value>
    </option>
    <option>
      <name>otherOption</name>
      <value>value1</value>
      <value>value2</value>
      <value>value3</value>
    </option>
  </options>
</identity-store>
<identity-store> element:
id - IdentityStore id
class - IdentityStore class name
external-config - external configuration file used by IdentityStore
supported-relationship-types - IdentityObjectRelationshipType names that are supported by this IdentityStore. JBOSS_IDENTITY_MEMBERSHIP is the standard value used by the default framework implementation for membership type relationships (between two Group objects), and JBOSS_IDENTITY_ROLE is the standard value for Role type memberships (named relationships).
supported-identity-object-types - configuration of IdentityObjectType objects mapped by IdentityStore
options - other IdentityStore configuration options
<supported-identity-object-types>
  <identity-object-type>
    <name>OFFICE</name>
    <relationships>
      <relationship>
        <relationship-type-ref>
          JBOSS_IDENTITY_MEMBERSHIP
        </relationship-type-ref>
        <identity-object-type-ref>
          IDENTITY
        </identity-object-type-ref>
      </relationship>
      <relationship>
        <relationship-type-ref>
          JBOSS_IDENTITY_MEMBERSHIP
        </relationship-type-ref>
        <identity-object-type-ref>
          CONFERENCE_ROOM
        </identity-object-type-ref>
      </relationship>
    </relationships>
    <credentials/>
    <attributes/>
    <options/>
  </identity-object-type>
  <identity-object-type>
    <name>IDENTITY</name>
    <relationships>
      <relationship>
        <relationship-type-ref>
          JBOSS_IDENTITY_ROLE
        </relationship-type-ref>
        <identity-object-type-ref>
          COMMUNITY
        </identity-object-type-ref>
      </relationship>
    </relationships>
    <credentials>
      <credential-type>PASSWORD</credential-type>
      <credential-type>BINARY</credential-type>
    </credentials>
    <attributes>
      <attribute>
        <name>picture</name>
        <mapping>user.picture</mapping>
        <type>binary</type>
        <isRequired>false</isRequired>
        <isMultivalued>false</isMultivalued>
        <isReadOnly>false</isReadOnly>
      </attribute>
    </attributes>
  </identity-object-type>
</supported-identity-object-types>
<identity-object-type> element:
name - IdentityObjectType name
relationships - relationships in which this IdentityObjectType can be the parent side. <relationship-type-ref> must point to one of the values from <supported-relationship-types>. <identity-object-type-ref> must be one of the <identity-object-type><name> values configured in this IdentityStore.
credentials - IdentityObjectCredentialType names allowed for this IdentityObjectType
attributes - allowed attribute mappings. Each contains:
  name - attribute name
  mapping - real name to be used inside the IdentityStore, for example an LDAP attribute name
  type - either "binary" or "text"
  isRequired - whether the attribute must have at least one value
  isMultivalued - whether the attribute can have many values
  isReadOnly - whether attribute values are read-only (cannot be modified)
options - other options for IdentityObjectType configuration
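The two reference rules stated for <relationships> above can be checked before a store configuration is deployed. The following is an added example, not PicketLink code: the names check_store, text and SAMPLE are hypothetical, the sample XML is constructed, and comparing values with surrounding whitespace trimmed is this example's assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample: JBOSS_IDENTITY_ROLE is used but not listed as supported,
# and CONFERENCE_ROOM is referenced but never declared in this store.
SAMPLE = """<identity-store>
  <supported-relationship-types>
    <relationship-type> JBOSS_IDENTITY_MEMBERSHIP </relationship-type>
  </supported-relationship-types>
  <supported-identity-object-types>
    <identity-object-type>
      <name>OFFICE</name>
      <relationships>
        <relationship>
          <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
          <identity-object-type-ref>IDENTITY</identity-object-type-ref>
        </relationship>
        <relationship>
          <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
          <identity-object-type-ref>CONFERENCE_ROOM</identity-object-type-ref>
        </relationship>
      </relationships>
    </identity-object-type>
    <identity-object-type><name>IDENTITY</name></identity-object-type>
  </supported-identity-object-types>
</identity-store>"""

def text(elem, tag):
    """Trimmed text of the first child named tag; trimming is an assumption."""
    return (elem.findtext(tag) or "").strip()

def check_store(xml_text):
    """Return (object type, element, value) for each reference that dangles."""
    store = ET.fromstring(xml_text)
    rel_types = {(e.text or "").strip() for e in
                 store.findall("supported-relationship-types/relationship-type")}
    types = store.findall("supported-identity-object-types/identity-object-type")
    names = {text(t, "name") for t in types}
    problems = []
    for t in types:
        for rel in t.findall("relationships/relationship"):
            for tag, known in (("relationship-type-ref", rel_types),
                               ("identity-object-type-ref", names)):
                if text(rel, tag) not in known:
                    problems.append((text(t, "name"), tag, text(rel, tag)))
    return problems

if __name__ == "__main__":
    for problem in check_store(SAMPLE):
        print("dangling reference:", problem)
```

An empty result means every <relationship-type-ref> and <identity-object-type-ref> in the store resolves to a declared value.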