On 14/02/2017 14:48, Ravindra Singareddy wrote:
Good Morning Syncope Users,
I have a simple use case of authenticating users using email in addition to the
username. What will be best practices approach, to make an addition to existing
code base without losing integrity?
Hi Ravi,
there is currently no OOTB support for authenticating users by anything
but username.
This looks, however, like a nice feature: one can think to add a new
configuration parameter [1] enlisting the attribute(s) that can be used
for authentication (for example, ["username", "email",
"socialSecurityNumber"]), and Syncope will attempt authentication
against the configured parameters, in order, until one succeeds or all fail.
Would you mind opening a new feature issue on JIRA?
The code responsible for the current behavior is [2].
Until the new feature will be added, you might also have the possibility
to do something similar, even if it is not trivial.
Essentially, you will need to, in your own local project (please note
that I am not talking of Syncope sources, but of the project you should
have generated from archetype):
1. create the directory
core/spring/src/main/java/org/apache/syncope/core/spring/security
2. download the class of [2] and place it in the directory created above
3. replace the line [2] with the logic for authenticating via email
address, that I have sketched in [3]
This *should* work, even though I have no time right now to give it a try.
HTH
Regards.
[1]
https://syncope.apache.org/docs/reference-guide.html#configuration-parameters
[2]
https://github.com/apache/syncope/blob/2_0_X/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java#L133
[3] https://paste.apache.org/iodX
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
