Hi Johann,


On Sun, Sep 24, 2017 at 5:29 PM, Johann Nallathamby <joh...@wso2.com> wrote:

> 1. Can someone explain the reason for the issue and relevance of the fix
> to the issue reported here?
>
> I can understand the issue here. I also assume I understand the reason for
> the issue. But better someone explains. What I don't seem to understand is
> the relevance of the fix here. It seems to me that the
> "AuthenticationPolicy.CheckAccountExist" property was not used at all in
> the new implementation. Now it's been put to use. I certainly don't think
> not using this property is the reason for the issue. So I don't get the fix
> done here.
>

Yes. We need to improve the fix. Need to use isAuthPolicyAccountExistCheck()
only for sending the user does exist message to the outside.

>
> 2. Why do we have a private method *"isUserExistsInDomain"*? It doesn't
> seem to do anything useful.
>
Yes. Need to remove that.

>
> 3. Seems we have introduced a new property to identity.xml
> *"AuthenticationPolicy.CheckAccountExist".* Are we not thinking of adding
> this to Resident IdP UI to control at a tenant level?
>
> *Authentication.Policy.Check.Account.Exist* in the old
> identity-mgt.properties file was there to control the level of details that
> needs to be revealed to the users regarding authentication failure. I.e. we
> gave a configuration to control whether the user should see a generic
> authentication failure message, or s/he should see failure with reason such
> as invalid username or invalid password.
>
We can manage *AuthenticationPolicy.CheckAccountExist* tenant-wise. Do
we really need to limit the error messages based on tenant? If so, we will
put that in the Resident IdP.

> Seems this property has been missed in the new implementation and is now being
> added.
>
> 4. Why is the new element uncommented by default which is inconsistent
> with all other identity-mgt elements in identity.xml? Can we have a default
> value and comment it out?
>
Yes. That needs to be commented.

>
> 5. Is this code consistent with other handlers such as
> *AccountLockHandler* and *AccountDisableHandler*?
>

Will revisit all the handlers based on today's discussion.


Thanks
Isura.

>
> Regards,
> Johann.
>
> ---------- Forwarded message ----------
> From: Denuwanthi De Silva (JIRA) <j...@wso2.org>
> Date: Thu, Aug 31, 2017 at 10:09 AM
> Subject: [Carbon-jira] [jira] (IDENTITY-6330) [IS]When configured
> secondary jdbc userstore canot login with the secondary userstore user
> To: carbon-j...@wso2.org
>
>
> Denuwanthi De Silva
> <https://wso2.org/jira/secure/ViewProfile.jspa?name=denuwanthi%40wso2.com>
> *created* an issue
>
> WSO2 Identity Server <https://wso2.org/jira/browse/IDENTITY> / IDENTITY-6330
> <https://wso2.org/jira/browse/IDENTITY-6330>
> [IS]When configured secondary jdbc userstore canot login with the
> secondary userstore user
> Issue Type: Bug
> Assignee: Darshana Gunawardana
> <https://wso2.org/jira/secure/ViewProfile.jspa?name=darshana%40wso2.com>
> Created: 31/Aug/17 10:08 AM
> Priority: Normal
> Reporter: Denuwanthi De Silva
> <https://wso2.org/jira/secure/ViewProfile.jspa?name=denuwanthi%40wso2.com>
>
> 1.create a user in SECONDARY oracle jdbc userstore.
> 2.try to login with that user
> login fails.
> ERROR {org.wso2.carbon.core.services.authentication.AuthenticationAdmin} - System error while Authenticating/Authorizing User : Error when handling event : PRE_AUTHENTICATION
> 3.If login with domain ex(SECONDARY/user1) log in without issue.
>
> This message was sent by Atlassian JIRA (v7.2.2#72004-sha1:9d51328)
>
> _______________________________________________
> Carbon-jira mailing list
> carbon-j...@wso2.org
> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>
>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+94777776950*
> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>



-- 

*Isura Dilhara Karunaratne*
Associate Technical Lead | WSO2
Email: is...@wso2.com
Mob : +94 772 254 810
Blog : http://isurad.blogspot.com/
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
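
The distinction discussed in this thread, as an added example that is not from the thread or from the WSO2 code base: the lookup that resolves a user's domain always runs, and a CheckAccountExist-style flag decides only what the caller is told. All class, method and store names below are hypothetical, and the user data is constructed.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

public class LoginFailureMessageDemo {

    enum Reason { USER_NOT_FOUND, INVALID_PASSWORD }

    // Constructed user stores (domain -> usernames); not real WSO2 data.
    static final Map<String, Set<String>> STORES = new LinkedHashMap<>();
    static {
        STORES.put("PRIMARY", Set.of("admin"));
        STORES.put("SECONDARY", Set.of("user1"));
    }

    // Domain resolution runs for every login, whatever the flag says, so a
    // user who omits the "SECONDARY/" prefix is still located.
    static String resolveDomain(String username) {
        int slash = username.indexOf('/');
        if (slash > 0) {
            Set<String> users = STORES.get(username.substring(0, slash));
            boolean found = users != null && users.contains(username.substring(slash + 1));
            return found ? username.substring(0, slash) : null;
        }
        for (Map.Entry<String, Set<String>> e : STORES.entrySet()) {
            if (e.getValue().contains(username)) return e.getKey();
        }
        return null;
    }

    // The flag gates only the text returned to the caller, never the lookup.
    static String clientMessage(Reason reason, boolean checkAccountExist) {
        if (!checkAccountExist) return "Login failed.";
        return reason == Reason.USER_NOT_FOUND ? "User does not exist." : "Invalid password.";
    }

    public static void main(String[] args) {
        // The demo assumes a wrong password for every user that is found.
        for (String u : new String[] {"user1", "SECONDARY/user1", "ghost"}) {
            String domain = resolveDomain(u);
            Reason r = domain == null ? Reason.USER_NOT_FOUND : Reason.INVALID_PASSWORD;
            for (boolean flag : new boolean[] {false, true}) {
                System.out.printf("%-16s domain=%-9s flag=%-5b -> %s%n",
                        u, domain, flag, clientMessage(r, flag));
            }
        }
    }
}
```

With the flag off, a found user and an unknown user produce the same client-facing text, while `user1` and `SECONDARY/user1` both resolve to the same domain.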
