The Seam identity manager API provides a standard interface for identifying management functionality, for example, creating users or assigning roles to users, irrespective of the security-backing store. The security-backing store may be implemented as either database tables via JPA or via LDAP (Lightweight Directory Access Protocol).
The Seam identity manager is new to Seam 2.1, and provides fine-grained security access permission on top of security roles. We will discuss the identity manager API briefly in this section, so that we have a good understanding of what it can achieve. In particular, we'll pay attention to how to create users and assign roles to them by using a JPA-based security-backing store.
To use the Seam identity manager with a JPA backing store, we need to specify which JPA classes represent our user and role entities. This is achieved by using the <security:jpa-identity-store>
element within an application's components.xml
file. To...