On Friday, October 27, 2017, Mushthaq Rumy <musht...@wso2.com> wrote:
> Hi Thanuja, > > Thanks for the clarification. One more thing. Is there a way that we can > avoid specific users to login to the Management Console who has " > permission/admin/login" permission? > Can we identify these users based on their role or some other attribute? > Thanks & Regards, > Mushthaq > > On Thu, Oct 26, 2017 at 7:28 PM, Thanuja Jayasinghe <than...@wso2.com > <javascript:_e(%7B%7D,'cvml','than...@wso2.com');>> wrote: > >> Hi Mushthaq, >> >> UserAccountAssociationService.switchLoggedInUser() service method is >> only useful for users who has logged in session. Because this feature >> provides support for switch between associated user accounts in that logged >> in session. In order to create a session we need to call A >> uthenticationAdmin.login() and in this service method, we do check >> whether the user has permission/admin/login permission[1]. So it is a >> must to have permission/admin/login permission for any user who is using >> switchLoggedInUser method. >> >> I think this gives the rationality for other methods which have the same >> permission level. >> >> [1] - https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org. >> wso2.carbon.core.services/src/main/java/org/wso2/carbon/core >> /services/authentication/AuthenticationAdmin.java#L110 >> >> Thanks, >> Thanuja >> >> On Thu, Oct 26, 2017 at 6:18 PM, Mushthaq Rumy <musht...@wso2.com >> <javascript:_e(%7B%7D,'cvml','musht...@wso2.com');>> wrote: >> >>> Hi All, >>> >>> Is there a specific reason to have "/permission/admin/login" in some of >>> the operations in UserAccountAssociationService? >>> >>> This permission will allow the users to login to the Management Console >>> and In case, if someone wants to use these operations of >>> UserAccountAssociationService in a separate client application and he/she >>> does not want to the users of this application to login to the Management >>> Console, what would be the work around and how can we solve this? >>> >>> Your thoughts on this is highly appreciated. >>> >>> Thanks & Regards, >>> Mushthaq >>> -- >>> Mushthaq Rumy >>> *Software Engineer* >>> Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> >>> Email : musht...@wso2.com >>> <javascript:_e(%7B%7D,'cvml','musht...@wso2.com');> >>> WSO2, Inc.; http://wso2.com/ >>> lean . enterprise . middleware. >>> >>> <http://wso2.com/signature> >>> >> >> >> >> -- >> *Thanuja Lakmal* >> Associate Technical Lead >> WSO2 Inc. http://wso2.com/ >> *lean.enterprise.middleware* >> Mobile: +94715979891 >> > > > > -- > Mushthaq Rumy > *Software Engineer* > Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> > Email : musht...@wso2.com > <javascript:_e(%7B%7D,'cvml','musht...@wso2.com');> > WSO2, Inc.; http://wso2.com/ > lean . enterprise . middleware. > > <http://wso2.com/signature> > -- Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev