*Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware
On Wed, Feb 15, 2017 at 1:18 PM, Sagara Gunathunga <[email protected]> wrote: > > > On Wed, Feb 15, 2017 at 1:11 PM, Jayanga Kaushalya <[email protected]> > wrote: > >> >> On Wed, Feb 15, 2017 at 11:58 AM, Sagara Gunathunga <[email protected]> >> wrote: >> >>> >>> >>> On Wed, Feb 15, 2017 at 11:44 AM, Jayanga Kaushalya <[email protected]> >>> wrote: >>> >>>> Hi Sagara, >>>> >>>> We have this feature [1] already in C5. >>>> >>>> [1] https://github.com/wso2-extensions/carbon-security-user- >>>> store-jdbc/blob/master/components/org.wso2.carbon.identity.m >>>> gt.store.connector.jdbc/src/main/java/org/wso2/carbon/identi >>>> ty/mgt/store/connector/jdbc/util/DefaultPasswordHandler.java >>>> >>> >>> I think you are referring to this interface[1], >>> >> >> Yes. >> >>> >>> - Should we implement above interface per hash algorithm basis ? >>> >> >> We can implement this for hash function basis (For example SHA with >> HMAC). >> >>> >>> - If so what is the purpose of "String hashAlgo" parameter >>> of hashPassword(..) method ? >>> >> >> To decide the hash algorithm in the hash function. >> > > This contradict with your answer for above question, if we implement this > interface per hash algorithm basis means each implementation only handle > single hash algorithm, hence passing "String hashAlgo" parameter does not > make sense. > What I meant by hash function is keying mechanism + hash algorithm. If we use DefaultPaswordHandler [1], keying mechanism in here is PBKDF2WithHmac and to change it we have to write a new password handler. What is most commonly changed is hash algorithm part (For ex: PBKDF2WithHmacSHA256, PBKDF2WithHmacSHA512, PBKDF2WithHmacMD5) which we can take from the configuration file [2]. [1] https://github.com/wso2-extensions/carbon-security-user-store-jdbc/blob/master/components/org.wso2.carbon.identity.mgt.store.connector.jdbc/src/main/java/org/wso2/carbon/identity/mgt/store/connector/jdbc/util/DefaultPasswordHandler.java [2] https://github.com/wso2-extensions/carbon-security-user-store-jdbc/blob/master/feature/org.wso2.carbon.identity.mgt.store.connector.jdbc.feature/resources/conf/identity/jdbc-credential-connector.yaml#L21 Thanks ! > >> >>> - ATM are we registering these through identity.xml ? >>> >> >> AFAIK this is registering from the connector config. >> >>> >>> >>> [1] - https://github.com/wso2/carbon-identity-mgt/blob/5e8b01788 >>> 2415571aaba74aa16c538d4a0a3c587/components/org.wso2.carbon.i >>> dentity.mgt/src/main/java/org/wso2/carbon/identity/mgt/impl/ >>> util/PasswordHandler.java >>> <https://github.com/wso2/carbon-identity-mgt/blob/5e8b017882415571aaba74aa16c538d4a0a3c587/components/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/impl/util/PasswordHandler.java> >>> >>> >>> >>>> >>>> Thanks! >>>> >>>> *Jayanga Kaushalya* >>>> Software Engineer >>>> Mobile: +94777860160 <+94%2077%20786%200160> >>>> WSO2 Inc. | http://wso2.com >>>> lean.enterprise.middleware >>>> >>>> On Wed, Feb 15, 2017 at 11:18 AM, Sagara Gunathunga <[email protected]> >>>> wrote: >>>> >>>>> >>>>> We have the same requirement in 5.3.0 and will go ahead with custom >>>>> user store approach. We need to include this into C5 task list. >>>>> >>>>> Thanks ! >>>>> >>>>> On Sun, Apr 24, 2016 at 10:03 AM, Godwin Shrimal <[email protected]> >>>>> wrote: >>>>> >>>>>> Jira [1] created to track this. >>>>>> >>>>>> [1] https://wso2.org/jira/browse/IDENTITY-4541 >>>>>> >>>>>> >>>>>> Thanks >>>>>> Godwin >>>>>> >>>>>> >>>>>> On Tue, Apr 19, 2016 at 9:53 AM, Godwin Shrimal <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi Prabath, >>>>>>> >>>>>>> Yes this is for C4. I am not quit sure how we can achieve this in C5 >>>>>>> as well. >>>>>>> >>>>>>> >>>>>>> Thanks >>>>>>> Godwin >>>>>>> >>>>>>> >>>>>>> On Tue, Apr 19, 2016 at 7:50 AM, Prabath Siriwardana < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> +1 >>>>>>>> >>>>>>>> I guess this is for the C4 ? >>>>>>>> >>>>>>>> Thanks & regards, >>>>>>>> -Prabath >>>>>>>> >>>>>>>> On Mon, Apr 18, 2016 at 4:32 AM, Godwin Shrimal <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> There are use case which need to implement some custom password >>>>>>>>> management scenarios as follows. >>>>>>>>> >>>>>>>>> 1. Proprietary hashing and salting are being used. >>>>>>>>> 2. Integration with third party security modules (Ex. HSM) >>>>>>>>> >>>>>>>>> In the current implementation, we can achieve this by writing >>>>>>>>> custom UserStoreManager, If we can give an extension point only for >>>>>>>>> password management in the user store manager we can achieve some >>>>>>>>> practical >>>>>>>>> problems easily by decoupling the password management. >>>>>>>>> >>>>>>>>> WDYT ? >>>>>>>>> >>>>>>>>> Thanks >>>>>>>>> Godwin >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>> Senior Software Engineer >>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>> lean.enterprise.middleware >>>>>>>>> >>>>>>>>> mobile: *+94772264165* >>>>>>>>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Thanks & Regards, >>>>>>>> Prabath >>>>>>>> >>>>>>>> Twitter : @prabath >>>>>>>> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >>>>>>>> >>>>>>>> Mobile : +1 650 625 7950 >>>>>>>> >>>>>>>> http://blog.facilelogin.com >>>>>>>> http://blog.api-security.org >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Godwin Amila Shrimal* >>>>>>> Senior Software Engineer >>>>>>> WSO2 Inc.; http://wso2.com >>>>>>> lean.enterprise.middleware >>>>>>> >>>>>>> mobile: *+94772264165* >>>>>>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>>>>>> twitter: https://twitter.com/godwinamila >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Godwin Amila Shrimal* >>>>>> Senior Software Engineer >>>>>> WSO2 Inc.; http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> >>>>>> mobile: *+94772264165* >>>>>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>>>>> twitter: https://twitter.com/godwinamila >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Sagara Gunathunga >>>>> >>>>> Associate Director / Architect; WSO2, Inc.; http://wso2.com >>>>> V.P Apache Web Services; http://ws.apache.org/ >>>>> Linkedin; http://www.linkedin.com/in/ssagara >>>>> Blog ; http://ssagara.blogspot.com >>>>> >>>>> >>>> >>> >>> >>> -- >>> Sagara Gunathunga >>> >>> Associate Director / Architect; WSO2, Inc.; http://wso2.com >>> V.P Apache Web Services; http://ws.apache.org/ >>> Linkedin; http://www.linkedin.com/in/ssagara >>> Blog ; http://ssagara.blogspot.com >>> >>> >> > > > -- > Sagara Gunathunga > > Associate Director / Architect; WSO2, Inc.; http://wso2.com > V.P Apache Web Services; http://ws.apache.org/ > Linkedin; http://www.linkedin.com/in/ssagara > Blog ; http://ssagara.blogspot.com > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
