Hi All, I would propose "FailedAuthenticationContext" instead of " AuthenticationFailureContext"
Cheers, Ruwan On Wed, Feb 15, 2017 at 9:12 PM, Omindu Rathnaweera <[email protected]> wrote: > Adding the class diagram. > > [image: Inline image 1] > > On Wed, Feb 15, 2017 at 9:11 PM, Omindu Rathnaweera <[email protected]> > wrote: > >> Going forward, we are introducing a subtype of AuthenticationContext >> named AuthenticationFailureContext, which will be returned for a failed >> authentication attempt instead of throwing an AuthenticationFailure >> exception. >> >> The AuthenticationFailureContext will hold a list of all the unique user >> IDs which could not be authenticated using the given credentials. The class >> diagram for the mentioned classes will be as follows. >> >> [image: Inline image 1] >> >> With this approach, when using the authenticate method, we will first >> have to check the authentication status with isAuthenticated() and if >> the result is false, then cast the response to >> AuthenticationFailureContext to get the failed user ID list. >> >> Regards, >> Omindu. >> >> On Sat, Feb 11, 2017 at 12:10 AM, Johann Nallathamby <[email protected]> >> wrote: >> >>> I think we must have a handleException() method in our handlers and >>> these methods must be called for exceptions. This is how cxf interceptors >>> are designed. Also AuthenticationContext will work for authentication only. >>> What do we do for methods with void return type? I think the better >>> solution is to have a handleException() method so that each handler can >>> handle exceptions in a handler specific way. May be we can replace >>> rollback() with handleException() and make it more generic. >>> >>> Regards, >>> Johann. >>> >>> On Thu, Feb 9, 2017 at 5:11 PM, Isura Karunaratne <[email protected]> >>> wrote: >>> >>>> Hi all, >>>> >>>> >>>> According to the C5 Identity Mangement implementation [1], it throws >>>> AuthenticationFailure >>>> exception for invalid credentials and due to that, POST_AUTHENTICATION >>>> event will *not* be triggered. It is required to trigger >>>> POST_AUTHENTICATION event for authentication failure scenarios as well. For >>>> example, it is required to increment user failed login count in account >>>> lock feature. >>>> >>>> I think AuthenticationContext[2] class should have the authentication >>>> status and it should be returned instead of AuthenticationFailure >>>> exception in authentication failed scenarios. WDYT ? >>>> >>>> >>>> >>>> [1] https://github.com/wso2/carbon-identity-mgt/blob/master/ >>>> components/org.wso2.carbon.identity.mgt/src/main/java/org/ws >>>> o2/carbon/identity/mgt/impl/IdentityStoreImpl.java#L1381 >>>> [2] https://github.com/wso2/carbon-identity-mgt/blob/master/ >>>> components/org.wso2.carbon.identity.mgt/src/main/java/org/ws >>>> o2/carbon/identity/mgt/AuthenticationContext.java#L22-22 >>>> >>>> >>>> Thanks >>>> >>>> >>>> *Isura Dilhara Karunaratne* >>>> Senior Software Engineer | WSO2 >>>> Email: [email protected] >>>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>>> Blog : http://isurad.blogspot.com/ >>>> >>>> >>>> >>>> >>> >>> >>> -- >>> Thanks & Regards, >>> >>> *Johann Dilantha Nallathamby* >>> Technical Lead & Product Lead of WSO2 Identity Server >>> Governance Technologies Team >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - *+94777776950* >>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Omindu Rathnaweera >> Software Engineer, WSO2 Inc. >> Mobile: +94 771 197 211 <+94%2077%20119%207211> >> > > > > -- > Omindu Rathnaweera > Software Engineer, WSO2 Inc. > Mobile: +94 771 197 211 <+94%2077%20119%207211> > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Ruwan Abeykoon* *Associate Director/Architect**,* *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * *lean.enterprise.middleware.*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
