Hi Harsha, We needed FailedAuthenticationContext in account locking scenarios. The way it was before, for wrong credentials we got an AuthenticationFailure thrown which prevented the execution of post authentication handlers. Additionally, we needed pass the information on all the users we attempted to authenticate using the given creds to lock all the accounts. The FailedAuthenticationContext, includes that information too. IMO using the FailedAuthenticationContext to convey those information is a better approach than using the exception. May be using the term AuthenticationFailure is a bit misleading now.
So to clarify, if the response from authenticate is an AuthenticationContext, one should first check fro isAuthenticated(). Incase if one needs info about the list of users failed to authenticate, then cast it to FailedAuthenticationContext and call getFailedUsers() Regards, Omindu. On Sun, Mar 12, 2017 at 8:11 PM, Harsha Thirimanna <[email protected]> wrote: > Hi, > > There is an implementation for authentication failure in two different way > by authenticate API in IdentityStore. > If the username is invalid or empty, then API throws an > *AuthenticationFailure* exception and if the password is wrong, then the > API returns *FailedA**uthenticationContext*. > > Don't we need to make consistent for both cases ? Any special reason to do > this ? > > public AuthenticationContext authenticate(Claim claim, Callback[] credentials, > > String domainName) throws AuthenticationFailure, > IdentityStoreException { > > > > *Harsha Thirimanna* > *Associate Tech Lead | WSO2* > > Email: [email protected] > Mob: +94715186770 <+94%2071%20518%206770> > Blog: http://harshathirimanna.blogspot.com/ > Twitter: http://twitter.com/harshathirimann > Linked-In: linked-in: http://www.linkedin.com/pub/ > harsha-thirimanna/10/ab8/122 > <http://wso2.com/signature> > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Omindu Rathnaweera Software Engineer, WSO2 Inc. Mobile: +94 771 197 211
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
