On Fri, Jan 27, 2017 at 2:02 PM, Isura Karunaratne <[email protected]> wrote:
> Hi Johann, Thanuja, > > If we have multiple user stores in C4, it will be looped > UserOperationEventListeners in each user store until authentication success > > public boolean doPreAuthenticate(String userName, Object credential, > UserStoreManager userStoreManager) throws > UserStoreException; > > > In this case if need to check whether the user is locked or not, we had to > check user existence in each user store as follows. > > > String domainName = > userStoreManager.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME); > String usernameWithDomain = UserCoreUtil.addDomainToName(userName, > domainName); > boolean isUserExistInCurrentDomain = > userStoreManager.isExistingUser(usernameWithDomain); > > > How can we handle this in C5?. Is the interceptors called only one time or > will they be called for each domains? > > Interceptors are called only once and I think that is the correct behaviour of an interceptor. > > void doPreAuthenticate(Claim claim, Callback[] credentials, String > domainName) throws AuthenticationFailure, > IdentityStoreException; > > > If this is calling only one time, how to identify the domainName correcly > in interceptor level? If this is calling multiple times we need to a method > for check isUserExististng. > > The easiest solution would be to move the account lock check in the doPostAuthenticate intercepting method. It also makes more sense to check if account is locked only if authentication was successful I think. > > > > Thanks > Isura > > > > *Isura Dilhara Karunaratne* > Senior Software Engineer | WSO2 > Email: [email protected] > Mob : +94 772 254 810 <+94%2077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > > > On Fri, Jan 27, 2017 at 1:07 PM, Johann Nallathamby <[email protected]> > wrote: > >> Hi Lahiru, >> >> Unless its really required for your business logic you should avoid >> checking if user exists all the time. If user does not exist you will get >> an exception and you can handle it. You should not be compromising best >> case performance. I know we've done this mistake in several places in C4. >> We should be careful in C5. >> >> I will let the others to comment on if there are optimal ways to retrieve >> the user. >> >> Regards, >> Johann. >> >> On Fri, Jan 27, 2017 at 12:58 PM, Lahiru Manohara <[email protected]> >> wrote: >> >>> Hi, >>> >>> We can use getUser method to check whether the user exists in user >>> stores. But do we have any optimized method to do this operation? >>> >>> Best Regards, >>> -- >>> *Lahiru Manohara* >>> *Software Engineer* >>> Mobile: +94716561576 >>> WSO2 Inc. | http://wso2.com >>> lean.enterprise.middleware >>> >> >> >> >> -- >> Thanks & Regards, >> >> *Johann Dilantha Nallathamby* >> Technical Lead & Product Lead of WSO2 Identity Server >> Governance Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> > > -- Thanks & Regards, *Johann Dilantha Nallathamby* Technical Lead & Product Lead of WSO2 Identity Server Governance Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
