Hi, Thanks for the details. +1 for one appach for both. And do we need to have two different impl for fail and success ? Because that information is already within the context itself and I feel this will confuse the API. Is that mandatory ?
On Mar 13, 2017 8:54 AM, "Isura Karunaratne" <[email protected]> wrote: Hi, On Sun, Mar 12, 2017 at 8:11 PM, Harsha Thirimanna <[email protected]> wrote: > Hi, > > There is an implementation for authentication failure in two different way > by authenticate API in IdentityStore. > If the username is invalid or empty, then API throws an > *AuthenticationFailure* exception and if the password is wrong, then the > API returns *FailedA**uthenticationContext*. > > Don't we need to make consistent for both cases ? Any special reason to do > this ? > As omindu mentioned, failedAuthenicationContext was implemented to return authentication failed users for post handlers [1]. In these two cases, there is no valid users in server. +1 to return FailedAuthenticationContext with empty user list for these scenarios and remove AuthenticationFailure exeption from method. Thanks Isura. [1] [IAM] [IS6.0.0] How to handle post Authentication in IS 6.0.0 > > public AuthenticationContext authenticate(Claim claim, Callback[] credentials, > > String domainName) throws AuthenticationFailure, > IdentityStoreException { > > > > *Harsha Thirimanna* > *Associate Tech Lead | WSO2* > > Email: [email protected] > Mob: +94715186770 <+94%2071%20518%206770> > Blog: http://harshathirimanna.blogspot.com/ > Twitter: http://twitter.com/harshathirimann > Linked-In: linked-in: http://www.linkedin.com/pub/ha > rsha-thirimanna/10/ab8/122 > <http://wso2.com/signature> >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
