Hi, What is the possibility of selecting a recovery option such as email or mobile?
When a user is matched to the given information, what if we provide possible recovery options such as sending details to the email address or to the mobile number which is already given? Thank you! On Sat, Jan 21, 2017 at 4:20 PM, Pushpalanka Jayawardhana <[email protected]> wrote: > Hi All, > > On Sat, Jan 21, 2017 at 1:35 PM, Isura Karunaratne <[email protected]> wrote: > >> Hi Dinali, >> >> On Sat, Jan 21, 2017 at 12:33 PM, Dinali Dabarera <[email protected]> >> wrote: >> >>> Hi all, >>> >>> We are working on implementing username recovery feature for IS 6.0.0 >>> >>> *The admin has to enable the Username Recovery* >>> >>> >>> *When Username Recovery enabled:* >>> >>> - User portal user can click on the forget username option. >>> - The User can enter his details of the default profile. >>> - The System will match the entered details with the claims >>> available and if they matched, the relevant username will email to his >>> email address and prompt a notification saying that an email is sent to >>> his >>> mail. >>> - If it doesn't match, the user will notify telling that relevant >>> user is not registered in the system. >>> >>> We need to inform user, if multiple users matching to the given >> criteria. Then the user can fiill additional details to recover username. >> > We should have a mechanism like captcha verification here, to avoid > possible brute force attack. > >> >> >>> *When Username Recovery is disabled:* >>> >>> - User portal user may not be able to recover his username. >>> - The User needs to contact the admin of the system to recover his >>> username. >>> >>> The admin enables the username recovery in the identity.yaml file for >>> the users in the domain. Since we have different user stores available in >>> IS 6.0.0, >>> *Does the admin need to enable username recovery in user store >>> wise or Does he need to configure it for the whole domain at once?* >>> >>> >> We need to have a global configuration identity.yaml file for all the >> domains. It is better to have domain/roles/group wise configuration for all >> the identity managment scenarios like account lock, password policy, >> password recovery, idle account suspenstion, force password reset, user >> onbording with ask paassword. >> >> >> Thanks >> Isura. >> >>> >>> Please provide us your comments on this point. >>> >>> Thanks, >>> >>> Dina. >>> -- >>> *Dinali Rosemin Dabarera* >>> Software Engineer >>> WSO2 Lanka (pvt) Ltd. >>> Web: http://wso2.com/ >>> Email : [email protected] >>> LinkedIn <https://lk.linkedin.com/in/dinalidabarera> >>> Mobile: +94770198933 <+94%2077%20019%208933> >>> >>> >>> >>> >>> <https://lk.linkedin.com/in/dinalidabarera> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > Thanks, > -- > Pushpalanka. > -- > Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). > Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ > Mobile: +94779716248 > Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/ > pushpalanka/ | Twitter: @pushpalanka > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Pubudu Gunatilaka* Committer and PMC Member - Apache Stratos Software Engineer WSO2, Inc.: http://wso2.com mobile : +94774078049 <%2B94772207163>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
