On Tue, Mar 14, 2017 at 7:42 PM, Indunil Upeksha Rathnayake < [email protected]> wrote:
> Hi, > > I think in a system, username claim is not a user specific detail, so that > it's conceptually incorrect to define it in User level. It has to be > configured globally or domain wise (So that based on the domain, the unique > claim which use as the username can be configurable). > +1 It's very complicated to assume 5 users in same domain have 5 different username claims and definitely affect to performance , I think it's fair to support one username claim per domain instead of per user basis. Thanks ! > > And also if we are adding a method in User object to get the user name > claim, we can't have it in scenarios where User object is not available. > Ex: When authenticating a user, need to pass the username claim [1] - from > UI we can only get the values for user name and password and in order to > get the username claim we don't have a User object > > [1] https://github.com/wso2/carbon-identity-mgt/blob/ > master/components/org.wso2.carbon.identity.mgt/src/main/ > java/org/wso2/carbon/identity/mgt/impl/IdentityStoreImpl.java#L1628 > > Thanks and Regards > > On Tue, Mar 14, 2017 at 1:54 PM, Nuwandi Wickramasinghe <[email protected] > > wrote: > >> >> >> On Tue, Mar 14, 2017 at 12:42 PM, Thanuja Jayasinghe <[email protected]> >> wrote: >> >>> Hi Gayan, >>> >>> Yes. We need to specially handle username claim("http://wso2.org/claims/ >>> username"). >>> >> So, it will always be http://wso2.org/claims/username, not configurable? >> >>> >>> Shall we add a method to User[1] class to retrieve username? >>> >> +1 to have a method in User.java >> >>> >>> [1] - https://github.com/wso2/carbon-identity-mgt/blob/master/com >>> ponents/org.wso2.carbon.identity.mgt/src/main/java/org/wso2/ >>> carbon/identity/mgt/User.java >>> >>> Thanks, >>> Thanuja >>> >>> On Tue, Mar 14, 2017 at 12:12 PM, Gayan Gunawardana <[email protected]> >>> wrote: >>> >>>> Hi All, >>>> >>>> Don't we have to provide an API to get username claim from domain >>>> level. >>>> I am suggesting to have some thing like >>>> >>>> org.wso2.carbon.identity.mgt.User userStoreUser = identityStore. >>>> getUser(userId); >>>> userStoreUser.getUsernameClaim(); >>>> >>>> Currently we handle username claim as just an another claim but it >>>> should be treated as special claim because username is the human friendly >>>> unique identifier for users. >>>> >>>> In domain-config.yaml we can define username claim for each domain. >>>> >>>> Also another requirement is when we get username from out side >>>> application, we need to retrieve corresponding user from identity store so >>>> we need to set value got from out side to appropriate claim. In that case >>>> there should be a way to identify username claim. >>>> >>>> WDYT? >>>> >>>> Thanks, >>>> Gayan >>>> >>>> >>>> -- >>>> Gayan Gunawardana >>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>> Email: [email protected] >>>> Mobile: +94 (71) 8020933 >>>> >>> >>> >>> >>> -- >>> *Thanuja Lakmal* >>> Senior Software Engineer >>> WSO2 Inc. http://wso2.com/ >>> *lean.enterprise.middleware* >>> Mobile: +94715979891 +94758009992 >>> >> >> >> >> -- >> >> Best Regards, >> >> Nuwandi Wickramasinghe >> >> Software Engineer >> >> WSO2 Inc. >> >> Web : http://wso2.com >> >> Mobile : 0719214873 >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Indunil Upeksha Rathnayake > Software Engineer | WSO2 Inc > Email [email protected] > Mobile 0772182255 > -- Sagara Gunathunga Associate Director / Architect; WSO2, Inc.; http://wso2.com V.P Apache Web Services; http://ws.apache.org/ Linkedin; http://www.linkedin.com/in/ssagara Blog ; http://ssagara.blogspot.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
