Hi Dinali, On Thu, Feb 2, 2017 at 7:55 PM Dinali Dabarera <[email protected]> wrote:
> Hi all, > > In Username Recovery, I need to find a User which is available for > multiple claims. > So what I do now is, > > *Without considering the domains I go through whole users. * > * |* > * |_ Check for users (100) per claim. ( Default I have 3 claims) -> > *getUserList(String > claimUri, String value) > * |* > * |_ Then match the common users for all claims* > * |* > * |_ If one user found, send the username to the > user,* > * If multiple found, Notify user.* > > I think this procedure has too much work to do. > > But I think it is better to have a method called > *getUserList(ArrayList<UserClaims>) > *with domain or across all domain from the userstore directly than > comparing as above. > > Please leave me comments on this. > +1 for supporting new method in Identity Store level. Thanks Isura. > > Thanks. > > > On Fri, Jan 27, 2017 at 3:03 PM, Dinali Dabarera <[email protected]> wrote: > > Hi all, > > Thanks for the comments! > > We will implement those in our future releases. > > On Tue, Jan 24, 2017 at 11:36 AM, Shani Ranasinghe <[email protected]> wrote: > > > > On Sat, Jan 21, 2017 at 8:20 PM, Imesh Chandrasiri <[email protected]> > wrote: > > Hi, > > +1 for having a recovery option selection such as Facebook does. In any > case where user no longer have access to his/her email address, selecting a > secondary option would be beneficial. > > On Sat, Jan 21, 2017 at 6:10 PM, Pubudu Gunatilaka <[email protected]> > wrote: > > Hi, > > What is the possibility of selecting a recovery option such as email or > mobile? > > When a user is matched to the given information, what if we provide > possible recovery options such as sending details to the email address or > to the mobile number which is already given? > > +1, we could also consider using the security questions/ or verifying the > mobile number registered with the account, if the above is not available > like google does. > > > Thank you! > > On Sat, Jan 21, 2017 at 4:20 PM, Pushpalanka Jayawardhana <[email protected]> > wrote: > > Hi All, > > On Sat, Jan 21, 2017 at 1:35 PM, Isura Karunaratne <[email protected]> wrote: > > Hi Dinali, > > On Sat, Jan 21, 2017 at 12:33 PM, Dinali Dabarera <[email protected]> wrote: > > Hi all, > > We are working on implementing username recovery feature for IS 6.0.0 > > *The admin has to enable the Username Recovery* > > > *When Username Recovery enabled:* > > - User portal user can click on the forget username option. > - The User can enter his details of the default profile. > - The System will match the entered details with the claims available > and if they matched, the relevant username will email to his email address > and prompt a notification saying that an email is sent to his mail. > - If it doesn't match, the user will notify telling that relevant user > is not registered in the system. > > We need to inform user, if multiple users matching to the given criteria. > Then the user can fiill additional details to recover username. > > We should have a mechanism like captcha verification here, to avoid > possible brute force attack. > > > > *When Username Recovery is disabled:* > > - User portal user may not be able to recover his username. > - The User needs to contact the admin of the system to recover his > username. > > The admin enables the username recovery in the identity.yaml file for the > users in the domain. Since we have different user stores available in IS > 6.0.0, > *Does the admin need to enable username recovery in user store wise > or Does he need to configure it for the whole domain at once?* > > > We need to have a global configuration identity.yaml file for all the > domains. It is better to have domain/roles/group wise configuration for all > the identity managment scenarios like account lock, password policy, > password recovery, idle account suspenstion, force password reset, user > onbording with ask paassword. > > > Thanks > Isura. > > > Please provide us your comments on this point. > > Thanks, > > Dina. > -- > *Dinali Rosemin Dabarera* > Software Engineer > WSO2 Lanka (pvt) Ltd. > Web: http://wso2.com/ > Email : [email protected] > LinkedIn <https://lk.linkedin.com/in/dinalidabarera> > Mobile: +94770198933 <+94%2077%20019%208933> > > > > > <https://lk.linkedin.com/in/dinalidabarera> > > > > > > > > > > > > > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > > > Thanks, > -- > Pushpalanka. > -- > Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). > Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ > Mobile: +94779716248 > Blog: pushpalankajaya.blogspot.com/ | LinkedIn: > lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > -- > *Pubudu Gunatilaka* > Committer and PMC Member - Apache Stratos > Software Engineer > WSO2, Inc.: http://wso2.com > mobile : +94774078049 <%2B94772207163> > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > -- > *Thanks and Best Regards,* > Imesh Ashandimal Chandrasiri > *Software Engineer* > WSO2, Inc. > lean . enterprise . middleware > *E:* [email protected] | *P:* 0716519187 > > > Disclaimer: This communication may contain privileged or other > confidential information and is intended exclusively for the addressee/s. > If you are not the intended recipient/s, or believe that you may have > received this communication in error, please reply to the sender indicating > that fact and delete the copy you received and in addition, you should not > print, copy, retransmit, disseminate, or otherwise use the information > contained in this communication. Internet communications cannot be > guaranteed to be timely, secure, error or virus-free. The sender does not > accept liability for any errors or omissions. > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > -- > Thanks and Regards > *,Shani Ranasinghe* > Senior Software Engineer > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: +94 77 2273555 <+94%2077%20227%203555> > Blog: http://waysandmeans.blogspot.com/ > linked in: lk.linkedin.com/pub/shani-ranasinghe/34/111/ab > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > -- > *Dinali Rosemin Dabarera* > Software Engineer > WSO2 Lanka (pvt) Ltd. > Web: http://wso2.com/ > Email : [email protected] > LinkedIn <https://lk.linkedin.com/in/dinalidabarera> > Mobile: +94770198933 <+94%2077%20019%208933> > > > > > <https://lk.linkedin.com/in/dinalidabarera> > > > > > > > > > > > > > > > > > -- > *Dinali Rosemin Dabarera* > Software Engineer > WSO2 Lanka (pvt) Ltd. > Web: http://wso2.com/ > Email : [email protected] > LinkedIn <https://lk.linkedin.com/in/dinalidabarera> > Mobile: +94770198933 > > > > > <https://lk.linkedin.com/in/dinalidabarera> > > > > > > > > > > > > > > -- *Isura Dilhara Karunaratne* Senior Software Engineer | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
