Hi all,
We have implemented self signup feature for tenanted App Stores in
multi-tenanted environment. In App Manager 1.0.0, we did not have isolated
tenanted App Store view support along with the tenanted user signup
feature. It only facilitates the anonymous App Store view and self signup
support for Carbon Super users only. But from next App Manager (version
1.1.0) onward, tenant isolated App Store support (Dedicated App Store for
each tenant) will be provided together with tenanted self signup from each
App Store. Apart from that, user signup will be more configurable with this
new feature.
The implementation details of this particular feature are illustrated below.
- In App Manager 1.0.0, signup configuration was in
APPM/repository/conf/app-manager.xml. With this new feature, signup
configuration has been removed from app-manager.xml and moved in to
registry location of
'/_system/governance/apimgt/applicationdata/sign-up-config.xml'. Following
configuration will be available in the above mentioned registry location of
super tenant.
<selfsignup>
<enablesignup>true</enablesignup>
<!-- user storage to store users -->
<signupdomain>PRIMARY</signupdomain>
<!-- Tenant admin information. (for clustered setup credentials for
AuthManager) -->
<adminusername>admin</adminusername>
<adminpassword>admin</adminpassword>
<!-- List of roles for the tenant user -->
<signuproles>
<signuprole>
<rolename>subscriber</rolename>
<isexternalrole>false</isexternalrole>
</signuprole>
</signuproles>
</selfsignup>
- Similar configuration will be available as per tenant in tenant's
registry space and once the tenant has been created, tenant credentials
needs to be configured accordingly.
- According to the above configuration, App Store user signup
functionality can be enabled or disables per each tenant. By default,
signup feature will be enabled for all the tenants including super tenant.
Once it has been disabled (<enablesignup>false</enablesignup>), User
'Register' functionality will be disabled from the tenant App
store ('Register' button will be disappeared) .
- In signup configuration, we can define list of roles which should be
assigned to the users who registered from the tenant store UI. Apart from
that, we can configure whether the role is an internal role or an external
role. During the tenant load time, the signup role list will be created in
tenant space (If the roles are not already created).
- In tenanted App Manager deployment, users can browse all the available
tenant stores according to new implementation. When a user has
been registered from a particular tenant store using the signup form,
tenant domain will be appended to the provided username and that should be
used for store login purposes.
- During tenant user registration, it will check the signup role list
available in the sign-up-configuration of the given tenant domain and newly
created user will be assigned with those roles. The users with the signup
roles will be allowed to login to App Store.
*Future Improvements*
- Making the Signup role permissions configurable via the signup
configuration (Adding permission list under signup roles).
Please share your comments on this
Thanks
Thank you
--
Thilini Shanika
Software Engineer
WSO2, Inc.; http://wso2.com
20, Palmgrove Avenue, Colombo 3
E-mail: [email protected]
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
