Hi kathees, On Wed, Oct 5, 2016 at 2:12 PM, Kathees Rajendram <[email protected]> wrote:
> Hi All, > > I am working on creating common extension framework for IS authenticators. > Can you explain more on this. What is the existing problem and how its going to fix this framework. At the moment we have authentication framework where we mainly handle the authentication related operations and Authenticators are one of the connectors that can be plugged in to authentication framework. So why do we need another framework for authenticates. And I think following items also more specific to authenticates and I don't think we can use them in all authenticates. Thanks, Ishara > > In extension common framework, I am planing to add the following features > which can be reused in authenticators. > > - Federated authenticator support - Currently, two-factor > authenticator supports basic authenticator in the first step and federated > authentication in first factor supports only in TOTP authenticator. I am > planing to add this federated authenticator support in common framework so > we can reuse in all two factor authenticators. > > > - Account Lock/Unlock - Currently, we don't have any limit for > applying the code in two factor authenticator authentication. I am planing > to add Lock a user account functionality [1] when configurable number of > applying code attempts are exceeded in second step of authentication. > > > - Alternative authentication steps > > Backup Phone no - Add backup phone so user can still sign in > if user lose phone and add alternative step as backup phone no. > Backup codes - These printable one-off pass codes allow you > to sign in when away from your phone, like when you’re traveling. > Currently We have similar > functionality in SMS OTP authenticator,We will move to IS authenticator > common framework which can be used in other authenticators. > > - HOTP and TOTP algorithm based code generation - We can reuse OTP > code generation in SMS [2] and Email OTP [3], TOTP [4] authenticators. > > > Please let me know if you have any concerns. > > [1] - https://docs.wso2.com/display/IS520/User+Account+Locking+and > +Account+Disabling > > [2] - https://docs.wso2.com/display/ISCONNECTORS/Configuring+SMSOT > P+Authenticator > > [3] - https://docs.wso2.com/display/ISCONNECTORS/Configuring+Email > OTP+Authenticator > > [4] - https://docs.wso2.com/display/ISCONNECTORS/Configuring+ > TOTP+Authenticator > > Thanks, > Kathees > > -- > Kathees > Software Engineer, > email: [email protected] > mobile: +94772596173 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Ishara Karunarathna Associate Technical Lead WSO2 Inc. - lean . enterprise . middleware | wso2.com email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94717996791
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
