Identity Manager

The Identity Manager is a core framework feature. As the name implies it keeps record of user and groups identities and manages access credentials.

The Identity Manager is a pluggable framework module. There are several implementations available, namely:

  • RAM-based - the default implementation that ships with DiF, trading lightness and fast performance for persistence capabilities. Well suited to development efforts or small personal sites.
  • LDAP-based - offers good scalability capacities and compatibility with the LDAP protocol. Available for Microsoft's AD and OpenLDAP.

Soon it will be available a proprieatary DB-based implementation for users with no identity manager compatibility issues. It's aimed at small enterprise and B2C web sites.

Features

The Identity Manager offers the following features:

  • User Creation, Read, Update, Delete operations
  • Group Creation, Read, Update, Delete operations
  • Identity validation
  • Entity relations operations: add and remove users from groups and groups to groups, entity search in groups, etc.

The complete Identity Manager interface can be inspected here.

In depth...

The user guide shows examples on how to use the identity manager.

The objects used by the framework and by the identity manager to store the relevant data are described here.