[Adding Dev mailing list] Hi Asantha,
In order to make you familiar with this project with regard to WSO2 platform, we would like you to complete the following task which would provide an understanding on how the userstore managers are used in WSO2 products. 1. Refer [1] and understand how a userstore manager can be written and used in a product like WSO2 Identity Server [2]. 2. Refer [3] and understand more about Claims and Claim Management. 3. Referring [1], extend the org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager class and write your own JDBC userstore manaager. (MySQL is preferred). 4. Introduce a new claim called lastPasswordResetTimestamp which tracks the timestamp of each user's last successful password reset attempt. (in WSO2 Identity Server). For this you can refer [1] and override the doUpdateCredential, doUpdateCredentialByAdmin methods in the custom userstore manager you wrote in previous step. Inside these methods after successful password reset, set the current timestemp as a user claim. For this you can refer [4]. 5. In the JDBC userstore manager you have written in above step, override the doAuthenticate method. Inside the method, after performing authentication, compare the timestamp of the last time the user updated the credentials with current timestamp. If it is greater than 60 days (you can hardcode this value for the moment) return an exception with a message saying the user has to reset the password as it is expired. (For the users where the claim for password reset timestamp is empty, you can let the users successfully authenticate) When performing above tasks, if you face any difficulty, you can ask for help from this mail thread. You can use GitHub to share your source code and after completing a deliverable from above steps, you can share your progress with us. If you need further clarifications, please get back. [1] https://docs.wso2.com/display/IS510/Writing+a+Custom+User+Store+Manager [2] http://wso2.com/products/identity-server/ [3] http://tharindue.blogspot.com/2015/08/claim-management-operations-in-wso2.html [4] http://tharindue.blogspot.com/2015/12/tracking-last-successful-login-attempt.html [5] http://tharindue.blogspot.com/2015/05/a-workaround-for-renaming-username-of.html Regards, TharinduE On Mon, Feb 29, 2016 at 9:35 PM, Asantha Thilina <[email protected]> wrote: > Dear Sir, > first of all thanks a lot for the quick response and references ,I > studying the references that you sent and that are really helpful for me > to understand the procedure and prepare a proposal. i am really interest in > take part of this project in GSoC. > I understand the circumstances and willing to take part it in > individually. > As you mentioned I would be really grateful on behalf of my team if you > can support us to find a project which will suits for our research also and > it would be really helpful if we can extend this same project for suits to > our research as well. > Thanks, > Regards, > Asantha >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
