On Wed, Jan 22, 2014 at 4:51 PM, Lalaji Sureshika <[email protected]> wrote:
> Hi, > > I checked the code and found below configuration need to be added to > identity.xml,in-order to configure the self signup user's assigning role. > > <SelfSignUp> > <SignUpRole> > <Name>test</Name> > <External>true</External> > </SignUpRole> > </SelfSignUp> > > Addition to configuring custom roles for self registration function,is > there a config element to enable/disable self signup functionality? As I > found there's no such config.It's based on the users-store read-only > mode/not. > I'm asking this because, ,in api-manager.xml file also we are keeping a a > <selfsignup> section as below.That api-manager.xml contains one additional > attribute to enable/disable self signup functionality in running server > ,which is not available in the config of identity.xml. If there is a > similar config attribute in identity.xml,we can totally deprecate the use > of <SelfSignUp> in api-manager.xml and stick only to identity.xml config.. > > <SelfSignUp> > <Enabled>true</Enabled> > <SubscriberRoleName>subscriber1</SubscriberRoleName> > > </SelfSignUp> > > If there's no such config element available in identity.xml,shall we add > such property to <SelfSignUp> config in identity.xml and improve the code > of self-signup service based on it,as I feel it's a useful improvement from > IS side as well.. Appreciate thoughts on this.. > +1. It is better to have a property to enable/disable in the identity.xml. I o not think we can configure multiple roles (multiple SignUpRole elements) , If not, we can fix it as well Thanks. Asela. > > Thanks; > > > > > > On Wed, Jan 22, 2014 at 2:30 PM, Lalaji Sureshika <[email protected]> wrote: > >> Hi, >> >> On Wed, Jan 22, 2014 at 2:04 PM, Prabath Siriwardena <[email protected]>wrote: >> >>> I think the right approach is to use [1]. UserSelfRegistrationService >>> will add users to the Identity role by default. But, if you want to add the >>> user to the subscriber role, you can make it configurable. >>> >> Thanks for pointing it. Wasn't aware that the default role for add users >> from "UserSelfRegistrationService" service is configurable.Will follow >> this approach without using a separate listener class. >> >> Thanks; >> >>> >>> Also - with UserSelfRegistrationService - you can specify to which user >>> stores you need to add users. >>> >>> Thanks & regards, >>> -Prabath >>> >>> >>> On Wed, Jan 22, 2014 at 11:22 AM, Lalaji Sureshika <[email protected]>wrote: >>> >>>> Hi, >>>> >>>> With current WSO2 APIStore self signup functionality,we do support only >>>> for super tenant APIStore. We are planning to extend it to support for >>>> tenant users as well. >>>> >>>> With current signup approach, we do two web service calls as; >>>> 1) call "UserSelfRegistrationService" to add the user >>>> 2) call "UserAdmin" to assign the subscriber role to the user >>>> >>>> With above approach,for the 2) call,we need to authenticate and thus >>>> need to have admin credentials predefined.But in tenant mode,to do above 2) >>>> we cannot keep tenant admin credentials predefined in a config file and >>>> use. >>>> >>>> Thus without doing above 2) web service call,we are going to achieve >>>> the role assignment from writing a custom user store listener >>>> implementation and do the role-assignment as a PreAddUser operation.This >>>> way,it'll not required to keep tenant admin/super admin credentials and >>>> will only do one web service call for signup. >>>> >>>> Appreciate your feedback on this. >>>> >>>> >>>> >>>> Thanks; >>>> >>>> -- >>>> Lalaji Sureshika >>>> WSO2, Inc.; http://wso2.com/ >>>> email: [email protected]; >>>> blog: http://lalajisureshika.blogspot.com >>>> >>>> >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> >>> -- >>> Thanks & Regards, >>> Prabath >>> >>> Twitter : @prabath >>> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >>> >>> Mobile : +94 71 809 6732 >>> >>> http://blog.facilelogin.com >>> http://blog.api-security.org >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Lalaji Sureshika >> WSO2, Inc.; http://wso2.com/ >> email: [email protected]; cell: +94 71 608 6811 >> blog: http://lalajisureshika.blogspot.com >> >> >> > > > -- > Lalaji Sureshika > WSO2, Inc.; http://wso2.com/ > email: [email protected]; cell: +94 71 608 6811 > blog: http://lalajisureshika.blogspot.com > > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Thanks & Regards, Asela ATL Mobile : +94 777 625 933
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
