On Wed, Feb 15, 2017 at 1:11 PM, Jayanga Kaushalya <[email protected]> wrote:
> > On Wed, Feb 15, 2017 at 11:58 AM, Sagara Gunathunga <[email protected]> > wrote: > >> >> >> On Wed, Feb 15, 2017 at 11:44 AM, Jayanga Kaushalya <[email protected]> >> wrote: >> >>> Hi Sagara, >>> >>> We have this feature [1] already in C5. >>> >>> [1] https://github.com/wso2-extensions/carbon-security-user- >>> store-jdbc/blob/master/components/org.wso2.carbon.identity.m >>> gt.store.connector.jdbc/src/main/java/org/wso2/carbon/identi >>> ty/mgt/store/connector/jdbc/util/DefaultPasswordHandler.java >>> >> >> I think you are referring to this interface[1], >> > > Yes. > >> >> - Should we implement above interface per hash algorithm basis ? >> > > We can implement this for hash function basis (For example SHA with HMAC). > > >> >> - If so what is the purpose of "String hashAlgo" parameter >> of hashPassword(..) method ? >> > > To decide the hash algorithm in the hash function. > This contradict with your answer for above question, if we implement this interface per hash algorithm basis means each implementation only handle single hash algorithm, hence passing "String hashAlgo" parameter does not make sense. Thanks ! > >> - ATM are we registering these through identity.xml ? >> > > AFAIK this is registering from the connector config. > >> >> >> [1] - https://github.com/wso2/carbon-identity-mgt/blob/5e8b01788 >> 2415571aaba74aa16c538d4a0a3c587/components/org.wso2.carbon. >> identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/ >> impl/util/PasswordHandler.java >> <https://github.com/wso2/carbon-identity-mgt/blob/5e8b017882415571aaba74aa16c538d4a0a3c587/components/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/impl/util/PasswordHandler.java> >> >> >> >>> >>> Thanks! >>> >>> *Jayanga Kaushalya* >>> Software Engineer >>> Mobile: +94777860160 <+94%2077%20786%200160> >>> WSO2 Inc. | http://wso2.com >>> lean.enterprise.middleware >>> >>> On Wed, Feb 15, 2017 at 11:18 AM, Sagara Gunathunga <[email protected]> >>> wrote: >>> >>>> >>>> We have the same requirement in 5.3.0 and will go ahead with custom >>>> user store approach. We need to include this into C5 task list. >>>> >>>> Thanks ! >>>> >>>> On Sun, Apr 24, 2016 at 10:03 AM, Godwin Shrimal <[email protected]> >>>> wrote: >>>> >>>>> Jira [1] created to track this. >>>>> >>>>> [1] https://wso2.org/jira/browse/IDENTITY-4541 >>>>> >>>>> >>>>> Thanks >>>>> Godwin >>>>> >>>>> >>>>> On Tue, Apr 19, 2016 at 9:53 AM, Godwin Shrimal <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Prabath, >>>>>> >>>>>> Yes this is for C4. I am not quit sure how we can achieve this in C5 >>>>>> as well. >>>>>> >>>>>> >>>>>> Thanks >>>>>> Godwin >>>>>> >>>>>> >>>>>> On Tue, Apr 19, 2016 at 7:50 AM, Prabath Siriwardana < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> +1 >>>>>>> >>>>>>> I guess this is for the C4 ? >>>>>>> >>>>>>> Thanks & regards, >>>>>>> -Prabath >>>>>>> >>>>>>> On Mon, Apr 18, 2016 at 4:32 AM, Godwin Shrimal <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> There are use case which need to implement some custom password >>>>>>>> management scenarios as follows. >>>>>>>> >>>>>>>> 1. Proprietary hashing and salting are being used. >>>>>>>> 2. Integration with third party security modules (Ex. HSM) >>>>>>>> >>>>>>>> In the current implementation, we can achieve this by writing >>>>>>>> custom UserStoreManager, If we can give an extension point only for >>>>>>>> password management in the user store manager we can achieve some >>>>>>>> practical >>>>>>>> problems easily by decoupling the password management. >>>>>>>> >>>>>>>> WDYT ? >>>>>>>> >>>>>>>> Thanks >>>>>>>> Godwin >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Godwin Amila Shrimal* >>>>>>>> Senior Software Engineer >>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>> lean.enterprise.middleware >>>>>>>> >>>>>>>> mobile: *+94772264165* >>>>>>>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Thanks & Regards, >>>>>>> Prabath >>>>>>> >>>>>>> Twitter : @prabath >>>>>>> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >>>>>>> >>>>>>> Mobile : +1 650 625 7950 >>>>>>> >>>>>>> http://blog.facilelogin.com >>>>>>> http://blog.api-security.org >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Godwin Amila Shrimal* >>>>>> Senior Software Engineer >>>>>> WSO2 Inc.; http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> >>>>>> mobile: *+94772264165* >>>>>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>>>>> twitter: https://twitter.com/godwinamila >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> *Godwin Amila Shrimal* >>>>> Senior Software Engineer >>>>> WSO2 Inc.; http://wso2.com >>>>> lean.enterprise.middleware >>>>> >>>>> mobile: *+94772264165* >>>>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>>>> twitter: https://twitter.com/godwinamila >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> Sagara Gunathunga >>>> >>>> Associate Director / Architect; WSO2, Inc.; http://wso2.com >>>> V.P Apache Web Services; http://ws.apache.org/ >>>> Linkedin; http://www.linkedin.com/in/ssagara >>>> Blog ; http://ssagara.blogspot.com >>>> >>>> >>> >> >> >> -- >> Sagara Gunathunga >> >> Associate Director / Architect; WSO2, Inc.; http://wso2.com >> V.P Apache Web Services; http://ws.apache.org/ >> Linkedin; http://www.linkedin.com/in/ssagara >> Blog ; http://ssagara.blogspot.com >> >> > -- Sagara Gunathunga Associate Director / Architect; WSO2, Inc.; http://wso2.com V.P Apache Web Services; http://ws.apache.org/ Linkedin; http://www.linkedin.com/in/ssagara Blog ; http://ssagara.blogspot.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
