We can do something like thos
@Override
public void doUpdateCredentialByAdmin(String userName, Object
newCredential)
throws UserStoreException {
if (newCredential != null && !newCredential.equals("")) {
super.doUpdateCredentialByAdmin(userName,
newCredential);
}
}
Thanks & Regards
Danushka Fernando
Senior Software Engineer
WSO2 inc. http://wso2.com/
Mobile : +94716332729
On Wed, Jul 22, 2015 at 5:40 PM, Amila Maha Arachchi <[email protected]>
wrote:
>
>
> On Wed, Jul 22, 2015 at 12:49 PM, Manjula Rathnayake <[email protected]>
> wrote:
>
>> Hi all,
>>
>> Let me add bit more context here.
>>
>> Registering an organization(creating a tenant) was originated from AF in
>> app cloud. By upon receiving a tenant registration request to AF node, AF
>> node trigger tenant creation in Stratos nodes(namely Dev,Test,Prod Stratos
>> manager nodes). All above nodes make use of a single LDAP and tenant admin
>> user is created only by AF node. But other nodes kept updating the password
>> of this tenant admin with the same value received from initial tenant
>> registration flow.
>>
>> In cloud setup, we are changing the tenant creation flow as below.
>> 1. Tenant creation is initiated by cloud management application upon
>> organization registration. This create a tenant structure in LDAP and
>> userstore database.
>> 2. Tenant admin logins and click on app cloud. This triggers tenant
>> creation process in Stratos nodes.
>>
>> Based on above flow, we do not have the tenant admin password in 2nd step
>> above.
>>
>> I am +1 on coming up with a custom userstore manager due to
>> 1. Minimal changes on existing flow where new userstore manager is
>> plugged in with config changes.
>> 2. Cloud already making use of a custom userstore manager, hence
>> introduction of new method is simple.
>> 3. Cloud management application already validates the password
>> requirements in front-end layers, hence ignoring the empty password update
>> at the backend is acceptable rather patching the kernel with API changes.
>>
>
> IIUC this custom userstore manager needs to be used at stratos manager,
> correct? In our setup, we already have a custom userstore manager and we
> will have to override the method you have mentioned, correct?
>
> If so, what will happen when we use the same userstore manager in AF
> instance or the appserver where tenant creation happens?
>
> Feels like I am missing something. May be the logic on how to decide to
> not to update the password?
>
>>
>> thank you.
>>
>>
>>
>> On Wed, Jul 22, 2015 at 12:13 PM, Punnadi Gunarathna <[email protected]>
>> wrote:
>>
>>> hi All,
>>>
>>> In AF latest deployment, AF has a separate UM and Registry database
>>> where as Straos side has a separate UM and registry database. All are
>>> pointing to same LDAP.
>>>
>>> Once the tenant get registered, login to AF side and click on app
>>> cloud, a listener will be invoked in Stratos side which does addTenant
>>> process. Since the user is logged in, the tenant password is set to a
>>> garbage value and it will be sent to Stratos side. This will update the
>>> tenant admin password to a garbage value with persistTenant method in
>>> TenantPesistor [1] (Line no 204).
>>>
>>> We thought of writing a custom userstore and override
>>> updateCredentialByAdmin as follows:
>>>
>>> Send either an empty password or a constant from AF side and password
>>> update will not happen in override method by checking that condition.
>>>
>>> Please share your thoughts.
>>>
>>>
>>> [1]
>>> https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/components/stratos/tenant-mgt/org.wso2.carbon.tenant.mgt.core/2.2.0/src/main/java/org/wso2/carbon/tenant/mgt/core/
>>> --
>>> Thanks and Regards,
>>>
>>> Punnadi Gunarathna
>>> Senior Software Engineer,
>>> WSO2, Inc.; http://wso2.com <http://wso2>
>>> Blog: http://hi-my-world.blogspot.com/
>>> Tel : 94 11 214 5345
>>> Fax :94 11 2145300
>>>
>>>
>>>
>>> <http://lalajisureshika.blogspot.com/>
>>>
>>
>>
>>
>> --
>> Manjula Rathnayaka
>> Associate Technical Lead
>> WSO2, Inc.
>> Mobile:+94 77 743 1987
>>
>
>
>
> --
> *Amila Maharachchi*
> Senior Technical Lead
> WSO2, Inc.; http://wso2.com
>
> Blog: http://maharachchi.blogspot.com
> Mobile: +94719371446
>
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
