Adding the class diagram. [image: Inline image 1]
On Wed, Feb 15, 2017 at 9:11 PM, Omindu Rathnaweera <[email protected]> wrote:

> Going forward, we are introducing a subtype of AuthenticationContext
> named AuthenticationFailureContext, which will be returned for a failed
> authentication attempt instead of throwing an AuthenticationFailure
> exception.
>
> The AuthenticationFailureContext will hold a list of all the unique user
> IDs which could not be authenticated using the given credentials. The class
> diagram for the mentioned classes will be as follows.
>
> [image: Inline image 1]
>
> With this approach, when using the authenticate method, we will first have
> to check the authentication status with isAuthenticated() and if the
> result is false, then cast the response to AuthenticationFailureContext
> to get the failed user ID list.
>
> Regards,
> Omindu.
>
> On Sat, Feb 11, 2017 at 12:10 AM, Johann Nallathamby <[email protected]>
> wrote:
>
>> I think we must have a handleException() method in our handlers and these
>> methods must be called for exceptions. This is how cxf interceptors are
>> designed. Also AuthenticationContext will work for authentication only.
>> What do we do for methods with void return type? I think the better
>> solution is to have a handleException() method so that each handler can
>> handle exceptions in a handler specific way. Maybe we can replace
>> rollback() with handleException() and make it more generic.
>>
>> Regards,
>> Johann.
>>
>> On Thu, Feb 9, 2017 at 5:11 PM, Isura Karunaratne <[email protected]> wrote:
>>
>>> Hi all,
>>>
>>> According to the C5 Identity Management implementation [1], it throws
>>> AuthenticationFailure exception for invalid credentials and due to that,
>>> POST_AUTHENTICATION event will *not* be triggered. It is required to
>>> trigger POST_AUTHENTICATION event for authentication failure scenarios
>>> as well. For example, it is required to increment user failed login
>>> count in account lock feature.
>>>
>>> I think AuthenticationContext[2] class should have the authentication
>>> status and it should be returned instead of AuthenticationFailure
>>> exception in authentication failed scenarios. WDYT ?
>>>
>>> [1] https://github.com/wso2/carbon-identity-mgt/blob/master/components/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/impl/IdentityStoreImpl.java#L1381
>>> [2] https://github.com/wso2/carbon-identity-mgt/blob/master/components/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/carbon/identity/mgt/AuthenticationContext.java#L22-22
>>>
>>> Thanks
>>>
>>> *Isura Dilhara Karunaratne*
>>> Senior Software Engineer | WSO2
>>> Email: [email protected]
>>> Mob : +94 772 254 810
>>> Blog : http://isurad.blogspot.com/
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Technical Lead & Product Lead of WSO2 Identity Server
>> Governance Technologies Team
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+94777776950*
>> Blog - *http://nallaa.wordpress.com*
>>
>> _______________________________________________
>> Architecture mailing list
>> [email protected]
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
> --
> Omindu Rathnaweera
> Software Engineer, WSO2 Inc.
> Mobile: +94 771 197 211

--
Omindu Rathnaweera
Software Engineer, WSO2 Inc.
Mobile: +94 771 197 211
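The flow discussed in this thread (return an AuthenticationFailureContext instead of throwing, so a POST_AUTHENTICATION step can count failed logins for account lock), shown as an added Java example that is not code from carbon-identity-mgt. Only AuthenticationContext, AuthenticationFailureContext, isAuthenticated() and authenticate come from the thread; getFailedUserIds(), postAuthentication(), LOCK_THRESHOLD, the in-memory store and the sample user are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;

public class AuthFailureContextDemo {
    // Result type named in the thread; carries the authentication status.
    static class AuthenticationContext {
        private final boolean authenticated;
        AuthenticationContext(boolean authenticated) { this.authenticated = authenticated; }
        boolean isAuthenticated() { return authenticated; }
    }
    // Subtype returned on failure. getFailedUserIds() is an assumed accessor name.
    static class AuthenticationFailureContext extends AuthenticationContext {
        private final List<String> failedUserIds;
        AuthenticationFailureContext(List<String> ids) {
            super(false);
            failedUserIds = Collections.unmodifiableList(new ArrayList<>(ids));
        }
        List<String> getFailedUserIds() { return failedUserIds; }
    }

    static final int LOCK_THRESHOLD = 3;                       // assumed policy value
    static final Map<String, Integer> failedCounts = new HashMap<>();
    static final Map<String, String> store = new HashMap<>(); // constructed demo store, plaintext only for brevity

    // Returns a failure context instead of throwing, so the caller always reaches the post-auth step.
    static AuthenticationContext authenticate(String userId, String password) {
        String expected = store.get(userId);
        // Unknown user: fail with an empty list so no counter is created for a non-existent account.
        if (expected == null) return new AuthenticationFailureContext(Collections.emptyList());
        boolean ok = MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                           password.getBytes(StandardCharsets.UTF_8));
        return ok ? new AuthenticationContext(true)
                  : new AuthenticationFailureContext(Collections.singletonList(userId));
    }

    // Stand-in for a POST_AUTHENTICATION handler that keeps the account-lock counter.
    static void postAuthentication(AuthenticationContext ctx, String userId) {
        if (ctx.isAuthenticated()) { failedCounts.remove(userId); return; }  // success resets the counter
        for (String id : ((AuthenticationFailureContext) ctx).getFailedUserIds()) {
            int attempts = failedCounts.merge(id, 1, Integer::sum);
            if (attempts >= LOCK_THRESHOLD) System.out.println("lock account: " + id);
        }
    }

    public static void main(String[] args) {
        store.put("u-1001", "correct horse");                  // constructed sample user
        for (String pw : new String[] {"guess1", "guess2", "guess3"})
            postAuthentication(authenticate("u-1001", pw), "u-1001");
        postAuthentication(authenticate("no-such-user", "x"), "no-such-user");
        System.out.println("failed counts: " + failedCounts);
    }
}
```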
