Hi,
I checked the code and found below configuration need to be added to
identity.xml,in-order to configure the self signup user's assigning role.
<SelfSignUp>
<SignUpRole>
<Name>test</Name>
<External>true</External>
</SignUpRole>
</SelfSignUp>
Addition to configuring custom roles for self registration function,is
there a config element to enable/disable self signup functionality? As I
found there's no such config.It's based on the users-store read-only
mode/not.
I'm asking this because, ,in api-manager.xml file also we are keeping a a
<selfsignup> section as below.That api-manager.xml contains one additional
attribute to enable/disable self signup functionality in running server
,which is not available in the config of identity.xml. If there is a
similar config attribute in identity.xml,we can totally deprecate the use
of <SelfSignUp> in api-manager.xml and stick only to identity.xml config..
<SelfSignUp>
<Enabled>true</Enabled>
<SubscriberRoleName>subscriber1</SubscriberRoleName>
</SelfSignUp>
If there's no such config element available in identity.xml,shall we add
such property to <SelfSignUp> config in identity.xml and improve the code
of self-signup service based on it,as I feel it's a useful improvement from
IS side as well.. Appreciate thoughts on this..
Thanks;
On Wed, Jan 22, 2014 at 2:30 PM, Lalaji Sureshika <[email protected]> wrote:
> Hi,
>
> On Wed, Jan 22, 2014 at 2:04 PM, Prabath Siriwardena <[email protected]>wrote:
>
>> I think the right approach is to use [1]. UserSelfRegistrationService
>> will add users to the Identity role by default. But, if you want to add the
>> user to the subscriber role, you can make it configurable.
>>
> Thanks for pointing it. Wasn't aware that the default role for add users
> from "UserSelfRegistrationService" service is configurable.Will follow
> this approach without using a separate listener class.
>
> Thanks;
>
>>
>> Also - with UserSelfRegistrationService - you can specify to which user
>> stores you need to add users.
>>
>> Thanks & regards,
>> -Prabath
>>
>>
>> On Wed, Jan 22, 2014 at 11:22 AM, Lalaji Sureshika <[email protected]>wrote:
>>
>>> Hi,
>>>
>>> With current WSO2 APIStore self signup functionality,we do support only
>>> for super tenant APIStore. We are planning to extend it to support for
>>> tenant users as well.
>>>
>>> With current signup approach, we do two web service calls as;
>>> 1) call "UserSelfRegistrationService" to add the user
>>> 2) call "UserAdmin" to assign the subscriber role to the user
>>>
>>> With above approach,for the 2) call,we need to authenticate and thus
>>> need to have admin credentials predefined.But in tenant mode,to do above 2)
>>> we cannot keep tenant admin credentials predefined in a config file and use.
>>>
>>> Thus without doing above 2) web service call,we are going to achieve the
>>> role assignment from writing a custom user store listener implementation
>>> and do the role-assignment as a PreAddUser operation.This way,it'll not
>>> required to keep tenant admin/super admin credentials and will only do one
>>> web service call for signup.
>>>
>>> Appreciate your feedback on this.
>>>
>>>
>>>
>>> Thanks;
>>>
>>> --
>>> Lalaji Sureshika
>>> WSO2, Inc.; http://wso2.com/
>>> email: [email protected];
>>> blog: http://lalajisureshika.blogspot.com
>>>
>>>
>>>
>>> _______________________________________________
>>> Architecture mailing list
>>> [email protected]
>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>> Prabath
>>
>> Twitter : @prabath
>> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena
>>
>> Mobile : +94 71 809 6732
>>
>> http://blog.facilelogin.com
>> http://blog.api-security.org
>>
>> _______________________________________________
>> Architecture mailing list
>> [email protected]
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> Lalaji Sureshika
> WSO2, Inc.; http://wso2.com/
> email: [email protected]; cell: +94 71 608 6811
> blog: http://lalajisureshika.blogspot.com
>
>
>
--
Lalaji Sureshika
WSO2, Inc.; http://wso2.com/
email: [email protected]; cell: +94 71 608 6811
blog: http://lalajisureshika.blogspot.com
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
