Hi Asantha, Great ! We'll review the work and share our feedback soon. Meanwhile you can start a blog and write your experiences too. Since you have got the understanding of userstore managers, now you can directly jump into the implementation of the project as well.
Regards, TharinduE On Sun, Mar 6, 2016 at 1:07 AM, Asantha Thilina <[email protected]> wrote: > Hi, > > I done the practice tasks 1 - 5 and i shared what i have been done so > far in github, below i put the link to my repository > waiting for feedback... > > https://github.com/asanthamax/customuserstoremanager > > Thanks, > Regards, > Asantha > > > > On Mon, Feb 29, 2016 at 7:41 PM, Tharindu Edirisinghe <[email protected]> > wrote: > >> [Adding Dev mailing list] >> >> Hi Asantha, >> >> In order to make you familiar with this project with regard to WSO2 >> platform, we would like you to complete the following task which would >> provide an understanding on how the userstore managers are used in WSO2 >> products. >> >> >> 1. Refer [1] and understand how a userstore manager can be written and >> used in a product like WSO2 Identity Server [2]. >> >> 2. Refer [3] and understand more about Claims and Claim Management. >> >> 3. Referring [1], extend the >> org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager class and write your >> own JDBC userstore manaager. (MySQL is preferred). >> >> 4. Introduce a new claim called lastPasswordResetTimestamp which tracks >> the timestamp of each user's last successful password reset attempt. (in >> WSO2 Identity Server). For this you can refer [1] and override the >> doUpdateCredential, doUpdateCredentialByAdmin methods in the custom >> userstore manager you wrote in previous step. Inside these methods after >> successful password reset, set the current timestemp as a user claim. For >> this you can refer [4]. >> >> 5. In the JDBC userstore manager you have written in above step, override >> the doAuthenticate method. Inside the method, after performing >> authentication, compare the timestamp of the last time the user updated the >> credentials with current timestamp. If it is greater than 60 days (you can >> hardcode this value for the moment) return an exception with a message >> saying the user has to reset the password as it is expired. (For the users >> where the claim for password reset timestamp is empty, you can let the >> users successfully authenticate) >> >> When performing above tasks, if you face any difficulty, you can ask for >> help from this mail thread. You can use GitHub to share your source code >> and after completing a deliverable from above steps, you can share your >> progress with us. >> >> If you need further clarifications, please get back. >> >> [1] >> https://docs.wso2.com/display/IS510/Writing+a+Custom+User+Store+Manager >> [2] http://wso2.com/products/identity-server/ >> [3] >> http://tharindue.blogspot.com/2015/08/claim-management-operations-in-wso2.html >> [4] >> http://tharindue.blogspot.com/2015/12/tracking-last-successful-login-attempt.html >> [5] >> http://tharindue.blogspot.com/2015/05/a-workaround-for-renaming-username-of.html >> >> Regards, >> TharinduE >> >> >> >> On Mon, Feb 29, 2016 at 9:35 PM, Asantha Thilina < >> [email protected]> wrote: >> >>> Dear Sir, >>> first of all thanks a lot for the quick response and references ,I >>> studying the references that you sent and that are really helpful for me >>> to understand the procedure and prepare a proposal. i am really interest in >>> take part of this project in GSoC. >>> I understand the circumstances and willing to take part it in >>> individually. >>> As you mentioned I would be really grateful on behalf of my team if you >>> can support us to find a project which will suits for our research also and >>> it would be really helpful if we can extend this same project for suits to >>> our research as well. >>> Thanks, >>> Regards, >>> Asantha >>> >> > -- Tharindu Edirisinghe Software Engineer | WSO2 Inc Platform Security Team Blog : tharindue.blogspot.com mobile : +94 775181586
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
