Going forward, we are introducing a subtype of AuthenticationContext named AuthenticationFailureContext, which will be returned for a failed authentication attempt instead of throwing an AuthenticationFailure exception.
The AuthenticationFailureContext will hold a list of all the unique user IDs which could not be authenticated using the given credentials. The class diagram for the mentioned classes will be as follows.

[image: Inline image 1]

With this approach, when using the authenticate method, we will first have to check the authentication status with isAuthenticated() and if the result is false, then cast the response to AuthenticationFailureContext to get the failed user ID list.

Regards,
Omindu.

On Sat, Feb 11, 2017 at 12:10 AM, Johann Nallathamby <[email protected]> wrote:

> I think we must have a handleException() method in our handlers and these methods must be called for exceptions. This is how cxf interceptors are designed. Also AuthenticationContext will work for authentication only. What do we do for methods with void return type? I think the better solution is to have a handleException() method so that each handler can handle exceptions in a handler specific way. Maybe we can replace rollback() with handleException() and make it more generic.
>
> Regards,
> Johann.
>
> On Thu, Feb 9, 2017 at 5:11 PM, Isura Karunaratne <[email protected]> wrote:
>
>> Hi all,
>>
>> According to the C5 Identity Management implementation [1], it throws AuthenticationFailure exception for invalid credentials and due to that, POST_AUTHENTICATION event will *not* be triggered. It is required to trigger POST_AUTHENTICATION event for authentication failure scenarios as well. For example, it is required to increment user failed login count in account lock feature.
>>
>> I think AuthenticationContext[2] class should have the authentication status and it should be returned instead of AuthenticationFailure exception in authentication failed scenarios. WDYT?
>>
>> [1] https://github.com/wso2/carbon-identity-mgt/blob/master/components/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/impl/IdentityStoreImpl.java#L1381
>> [2] https://github.com/wso2/carbon-identity-mgt/blob/master/components/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/AuthenticationContext.java#L22-22
>>
>> Thanks
>>
>> *Isura Dilhara Karunaratne*
>> Senior Software Engineer | WSO2
>> Email: [email protected]
>> Mob : +94 772 254 810
>> Blog : http://isurad.blogspot.com/
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Technical Lead & Product Lead of WSO2 Identity Server
> Governance Technologies Team
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+94777776950*
> Blog - http://nallaa.wordpress.com
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

--
Omindu Rathnaweera
Software Engineer, WSO2 Inc.
Mobile: +94 771 197 211
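The calling pattern described in the top message (check isAuthenticated(), then cast to AuthenticationFailureContext), applied to the failed-login counter from the original post. This is an added example, not code from the thread or from carbon-identity-mgt; the class shapes, getFailedUserIds(), onPostAuthentication() and the lockout threshold of 3 are assumptions for illustration.

```java
import java.util.*;

// Hypothetical sketch: class shapes are inferred from the thread, not taken from the project.
public class PostAuthLockoutSketch {
    static class AuthenticationContext {
        private final boolean authenticated;
        AuthenticationContext(boolean authenticated) { this.authenticated = authenticated; }
        boolean isAuthenticated() { return authenticated; }
    }

    // Returned instead of throwing, so post-authentication handling still runs.
    static class AuthenticationFailureContext extends AuthenticationContext {
        private final List<String> failedUserIds;
        AuthenticationFailureContext(List<String> ids) {
            super(false);
            this.failedUserIds = Collections.unmodifiableList(new ArrayList<>(ids));
        }
        List<String> getFailedUserIds() { return failedUserIds; }
    }

    static final int MAX_FAILED_ATTEMPTS = 3; // assumed lockout threshold
    static final Map<String, Integer> failedCounts = new HashMap<>();
    static final Set<String> lockedUsers = new HashSet<>();

    // Stand-in for a POST_AUTHENTICATION handler: invoked for success and failure alike.
    static void onPostAuthentication(AuthenticationContext ctx, String userIdOnSuccess) {
        if (ctx.isAuthenticated()) {
            failedCounts.remove(userIdOnSuccess); // reset the counter on success
            return;
        }
        if (!(ctx instanceof AuthenticationFailureContext)) {
            return; // failure without detail: no user ID to attribute it to
        }
        for (String id : ((AuthenticationFailureContext) ctx).getFailedUserIds()) {
            int attempts = failedCounts.merge(id, 1, Integer::sum);
            if (attempts >= MAX_FAILED_ATTEMPTS) {
                lockedUsers.add(id);
            }
        }
    }

    public static void main(String[] args) {
        // Constructed sample: three failed attempts that resolved to unique user ID "u-1001".
        for (int i = 0; i < 3; i++) {
            onPostAuthentication(
                new AuthenticationFailureContext(Collections.singletonList("u-1001")), null);
        }
        System.out.println("failed=" + failedCounts + " locked=" + lockedUsers);
    }
}
```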
