[Architecture] An API to get the count of users

Tue, 09 Feb 2016 01:55:36 -0800 

Hi All,

We are in the process of addressing following requirements related to
getting the user count of user store.

*Requirement*
Mainly(in prority order),

   1. *Get the count of users in a userstore domain*
   2. Get the count of users within a tenant space
   3. Get the count of users having a specific claim value (count the
   results matching a specific claim value. eg: Number of users been locked,
   Number of users from a specific country)


Additionally following functionalities would be good to have,

   1. Get the count of users across tenants


​


*Approaches*

   1. Keep a seperate database table to track the user count. Incrementally
   update it each time a new user is added.
      - When plugging an existing user store, the table needs to be
         populated initially for once with existing user.
         - PR at [1] creates a table 'IDN_UID_USER' to same user when user
         name is renamed. It will be possible to use that table for this same
         requirement.
         - This approach does *NOT* address 3rd requirement.
      2. Execute a count query at user store manager level (This will be an
   API addition to carbon kernel user core)
      - This will cater for all the main requirements
         - The LDAP protocol does not have a specific mentioning about an
         API for count
            - Different implementations have different approaches to
            achieve this.
               - OpenDS, Sundirectory server -

https://blogs.oracle.com/Ludo/entry/ldap_tip_counting_the_number
                  - OpenLDAP -
                  http://www.openldap.org/its/index.cgi/Archive.Incoming?id=4161
               - Implementing this in LDAP seems to be comparatively harder
            than JDBC with having to manually go through the trees.
            - With user stores having millions of users, the operation will
            be very time consuming. (UI might be less responsive, if
the API is used
            via mgt console)

Appreciate your thoughts, inputs regarding this.
@Kernel team : Appreciate your feed back on feasible time lines of
releasing this new API integrated with user.core, if required to do so.

[1] - Rename user https://github.com/wso2/carbon-identity/pull/437
<https://github.com/wso2/carbon-identity/pull/437>
[2] - LDAP Protocol - https://tools.ietf.org/html/rfc4511


Thanks,
Pushpalanka.
-- 
Pushpalanka Jayawardhana, B.Sc.Eng.(Hons).
Senior Software Engineer, WSO2 Lanka (pvt) Ltd;  wso2.com/
Mobile: +94779716248
Blog: pushpalankajaya.blogspot.com/ | LinkedIn:
lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka

_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to