问题
I need to register user in the system. User cannot exist without a Role (and he surely cannot exist without login and password). Administrator is supposed to be able to add new users by selecting role, writing login/password and some user information. Login/password/security concerns are implemented as separate application/BC (authentication context), roles and permissions are in authorization context and user information is in separate account management context. How can I implement user registration process if all these contexts could be in theory deployed on separate machines? For now I'm using application interface that uses infrastructure service implementation to synchronously and atomically send all needed commands to different BCs (currently it is the same big application).
回答1:
It may be that you have gone down to a too fine degree of granularity with your bounded contexts. An indication of this is usually when the concept you are referring is the exact same thing in more than one bounded context.
Things like User management (registration / authentication / authorization) is typically handled by an Identity & Access Control Bounded Context.
That User would have different meanings / concepts in your downstream bounded contexts: e.g. Author, Supervisor, etc.
However, if you are sure that you want that level of granularity then you are going to have to pick a system of record for your user and that bounded context would own the user and be responsible for the process manager state and seeing the registration through to completion; although, I usually like to have my process management as a bounded context in and of itself and it can orchestrate among the others.
As for doing so atomically... I don't know whether this would necessarily be wise to attempt :)
回答2:
A simple architectural answer: Use a Saga (or a Process Manager) that orchestrates all this.
You have an architecture that consists on three microservices. There are two stiles to integrate microservices: Orchestration and Choreography. A Saga uses orchestration.
Read more on SO about the differences between them.
Update:
I think that Account management should be the master BC. Here the user is born, initially without a role or a meaning to authenticate. Then, it is given a role, a purpose and after that, after it is setup, a username and a pasword. This should be the sequence.
回答3:
You'd need a distributed transaction server for that. Java has a standard for distributed transactions (JTA).
来源:https://stackoverflow.com/questions/42750064/how-can-i-atomically-or-at-least-properly-create-user-in-the-system-with-multi