Re: [Architecture] [Dev] Need occasional DepSync polling or depsync message replay

.com lean . enterprise . middleware phone : +94 71 3082805 ___ Dev mailing list d...@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Regards, * Darshana Gunawardana *Software Engineer WSO2 Inc.; http://wso2.com* E-mail: darsh...@wso2

[Architecture] Auditing, reporting and statistics for identity features

of this approach. Any comments, suggestions are welcome. Thanks, Darshana -- Regards, * Darshana Gunawardana *Software Engineer WSO2 Inc.; http://wso2.com* E-mail: darsh...@wso2.com **Mobile: +94718566859 *Lean . Enterprise . Middleware ___ Architecture mailing list

[Architecture] WSO2 Identity Server 4.5.0 released!

. -- The WSO2 Identity Server Team -- -- Regards, * Darshana Gunawardana *Software Engineer WSO2 Inc.; http://wso2.com* E-mail: darsh...@wso2.com **Mobile: +94718566859 *Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https

[Architecture] WSO2 Identity Server 4.5.0 released

. -- The WSO2 Identity Server Team -- -- Regards, * Darshana Gunawardana *Software Engineer WSO2 Inc.; http://wso2.com* E-mail: darsh...@wso2.com **Mobile: +94718566859 *Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https

Re: [Architecture] SAML2 Toolkit for IS

-bin/mailman/listinfo/architecture -- Regards, *Darshana Gunawardana *Software Engineer WSO2 Inc.; http://wso2.com * E-mail: darsh...@wso2.com darsh...@wso2.com* *Mobile: +94718566859 %2B94718566859 *Lean . Enterprise . Middleware ___ Architecture

Re: [Architecture] Supporting OpenId-Connect Session Management

://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- Regards, *Darshana Gunawardana*Software Engineer WSO2 Inc.; http://wso2.com *E-mail: darsh...@wso2.com darsh...@wso2.com* *Mobile: +94718566859 %2B94718566859*Lean . Enterprise . Middleware

[Architecture] WSO2 Identity Server 5.1.0 Milestone 4 Released!

] - Get Server URL from IdentityUtils -- Regards, *Darshana Gunawardana*Senior Software Engineer WSO2 Inc.; http://wso2.com *E-mail: darsh...@wso2.com darsh...@wso2.com* *Mobile: +94718566859*Lean . Enterprise . Middleware ___ Architecture mailing

Re: [Architecture] [IS] Supporting user information recovery scenarios in IS user portal

>>>>> always verify the user with an email notification, other wise the user >>>>>>> will >>>>>>> be allowed to simply register. >>>>>>> >>>>>>> *User story for self registrati

Re: [Architecture] [IS] Improvements to Claim Management

- ClaimMapping[] getAllSupportClaimMappingsByDefault(). >> - ClaimMapping[] getAllClaimMappings(String dialectUri) >> >> user.core changes >> >> + FileBasedClaimbuilder (C) - read claimConfig.xml and prepare >> claimConfig objects with claim and meta data

Re: [Architecture] [IS] DCR implementation

not belong to this context or not. If it is, then we can >> write it in generic way and front to the each rest api separately. >> >> In this case we have to think about the authorization model as well. >> >> >> ​[1] https://tools.ietf.org/html/rfc7591​ >> ​[2]

Re: [Architecture] [IS] Block brute force attacks on password recovery flows

gle reCaptha" [2] "Identity Management Recovery API improvements" Thanks, Darshana > > Appreciate your input. > > Thanks, > Thanuja > > -- > *Thanuja Lakmal* > Senior Software Engineer > WSO2 Inc. http://wso2.com/ > *lean.enterprise.middleware* > Mobile:

Re: [Architecture] [IS] Improvements to Claim Management

in : https://github.com/darshanasbg/carbon-identity-framework/tree/IDENTITY-3486 Thanks, On Tue, May 31, 2016 at 11:12 PM, Darshana Gunawardana <darsh...@wso2.com> wrote: > Hi, > > Currently ClaimManagerFactory[1] have following method, > > ClaimManager createClaimManager(int tenantId);

Re: [Architecture] Proposed architecture for the C5 User Core

t; >>>>>> Identity Manager >>>>>> >>>>>>- >>>>>> >>>>>>All user/group related operations. >>>>>> >>>>>> >>>>>> Identitystore Manager >>>>>> >&g

Re: [Architecture] [APIM][IS] A new permission to create OAuth app through Dynamic Client Registration module

ntha Amarasinghe > Software Engineer > *WSO2, Inc. - lean | enterprise | middleware* > http://wso2.com/ > > Mobile : +94 712383306 > -- Regards, *Darshana Gunawardana*Senior Software Engineer WSO2 Inc.; http://wso2.com *E-mail: darsh...@wso2.com <darsh...@wso2.com>* *

Re: [Architecture] C5 User Core - Realm Service API

2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > *Kishanthan Thangarajah* > Associate Technical Lead, > Platform Technologies Team, > WSO2, Inc. > lean.enterprise.middleware > > Mobile - +94773426635 > Blog - *http://kishanthan.wordpress.com <http://kishanthan.

Re: [Architecture] C5 User Core - Realm Service API

oreId) >>>> >>>> How do we identify this store-id before calling? >>>> >>>> On Sat, Apr 30, 2016 at 10:12 PM, Jayanga Kaushalya <jayan...@wso2.com> >>>> wrote: >>>> >>>>> Hi Darshana, >>>>>

Re: [Architecture] C5 User Core - Realm Service API

y.caas/src/main/java/org/wso2/carbon/security/caas/user/core/bean/User.java Thanks, > > From implementation point of view > getGroup code in IdentityStore is almost identical to getRole code in > AuthorizationStore > > > On Tue, May 24, 2016 at 2:35 AM, Darshana Gunawardana <

Re: [Architecture] [Architecutre][IS][C5] Do we need to have multiple inbound/outbound authenticator config in one SP/IDP

ail: hars...@wso2.com > Mob: +94715186770 <+94%2071%20518%206770> > Blog: http://harshathirimanna.blogspot.com/ > Twitter: http://twitter.com/harshathirimann > Linked-In: linked-in: http://www.linkedin.com/pub/ha > rsha-thirimanna/10/ab8/122 > <http://wso2.com/signature> >

Re: [Architecture] C5 User Core Delete User Operation

s, > Gayan > > -- > Gayan Gunawardana > Software Engineer; WSO2 Inc.; http://wso2.com/ > Email: ga...@wso2.com > Mobile: +94 (71) 8020933 > -- Regards, *Darshana Gunawardana*Associate Technical Lead WSO2 Inc.; http://wso2.com *E-mail: darsh...@w

Re: [Architecture] C5 User Core Delete User Operation

the it receive correct information from the API. Regards, Darshana > And in our implementation we have inactive, and disable option for that to > handle not permanently delete case. > > -Ishara > > On Wed, Feb 8, 2017 at 12:10 PM, Darshana Gunawardana <darsh...@wso2.com&g

Re: [Architecture] [C5][IS] IS 6.0 SP/IDP configuration file restructuring

; > Email: hars...@wso2.com > Mob: +94715186770 <+94%2071%20518%206770> > Blog: http://harshathirimanna.blogspot.com/ > Twitter: http://twitter.com/harshathirimann > Linked-In: linked-in: http://www.linkedin.com/pub/ > harsha-thirimanna/10/ab8/122 > <http://wso2.com/signat

Re: [Architecture] C5 User Core Delete User Operation

On Thu, Feb 9, 2017 at 9:16 AM, Gayan Gunawardana <ga...@wso2.com> wrote: > > > On Thu, Feb 9, 2017 at 12:05 AM, Darshana Gunawardana <darsh...@wso2.com> > wrote: > >> Hi Ishara, >> >> On Wed, Feb 8, 2017 at 11:58 PM, Ishara Karunarathna <isha..

Re: [Architecture] [APIM][C5] Workflow Implementation

t whether we can use same approach. >> >> Regards, >> Yasima. >> >> On Mon, Jan 30, 2017 at 3:04 AM, Darshana Gunawardana <darsh...@wso2.com> >> wrote: >> >>> Hi Yasima\NuwanD, >>> >>> With IS 5.1.0 it was implemented generic work

Re: [Architecture] [APIM][C5] Workflow Implementation

t;>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thanks >>>>>> Abimaran Kugathasan >>>>>> Senior Software Engineer - API Technologies >>>>>> >>>>>> Email :

Re: [Architecture] [IAM] [IS6.0.0] How to handle Special claims ?

94%2077%20119%207211> >> >> ___ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Gayan Gunawardana > Software Engineer;

Re: [Architecture] Identity Server 5.3.0 New Feature - Prompt for missing predefined user attributes in the authentication flow

completes the authentication. So application will receive all >> the mandatory attributes for that. >> >> this is the current implementation of this feature. >> >> thank you >> Nuwandi >> >> -- >> >> Best Regards, >> >> Nuwandi

Re: [Architecture] [Dev] [VOTE] Release WSO2 Identity Server 5.3.0- RC3

com >>>> LinkedIn <https://lk.linkedin.com/in/dinalidabarera> >>>> Mobile: +94770198933 <+94%2077%20019%208933> >>>> >>>> >>>> >>>> >>>> <https://lk.linkedin.com/in/dinalidabarera> >>>>

Re: [Architecture] [VOTE] Release WSO2 Identity Server 5.3.0- RC2

> <https://wso2.com/signature> > > ___ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Regards, *Darshana Gunawardana*Associate Te

Re: [Architecture] [C5][IS 6.0.0]Admin Forced Password Reset Via Offline for Existing Users

ware Engineer | WSO2 > > E: hasan...@wso2.com > M :0718407133| http://wso2.com <http://wso2.com/> > -- Regards, *Darshana Gunawardana*Associate Technical Lead WSO2 Inc.; http://wso2.com *E-mail: darsh...@wso2.com <darsh...@wso2.com>* *Mobile: +94718566859*Lean . Enterprise

Re: [Architecture] Having separate keystore (private key) for each token signing in WSO2IS

Hi Asela, On Thu, Apr 20, 2017 at 7:02 PM Asela Pathberiya wrote: > On Thu, Apr 20, 2017 at 6:46 PM, Johann Nallathamby > wrote: > >> >> >> On Thu, Apr 20, 2017 at 3:27 PM, Asela Pathberiya wrote: >> >>> >>> >>> On Tue, Apr 18, 2017 at 11:51

Re: [Architecture] A Claim MUST have a Issuer

;> >> *Johann Dilantha Nallathamby* >> Technical Lead & Product Lead of WSO2 Identity Server >> Governance Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+9476950* >> Blog - *http://nallaa.wordpress.com <http:

Re: [Architecture] [C5] Self signup feature in APIM store

er | WSO2 >> Email: is...@wso2.com >> Mob : +94 772 254 810 <077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> > > > -- > *Bhathiya Jayasekara* > *Associate Technical Lead,* > *WSO2 inc., http://wso2.com <http://ws

Re: [Architecture] IS Authentication Flow Behavior Between Multiple Service Providers

077%20550%205618> >>>>> Blog:harshcreationz.blogspot.com >>>>> >>>> >>>> >>>> >>>> -- >>>> Thanks & Regards, >>>> Asela >>>> >>>> ATL >>>> Mobile : +94 777 625 933

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

; >- Validate CRL returned from the CRL URL > - CRL should signed by the issuer, so validate the issuer domain > name. > - Validate the signature of CRL with the issuer public certificate. > - Validate the CRL "next update" date field for outdated CRLs

Re: [Architecture] Decoupling Client Authentication from OAuth2 Flow

gt; > [1] http://openid.net/specs/openid-connect-core-1_0.html#Cli > entAuthentication > <http://www.google.com/url?q=http%3A%2F%2Fopenid.net%2Fspecs%2Fopenid-connect-core-1_0.html%23ClientAuthentication=D=1=AFQjCNEcVTdgiIUSObwbxp8OUtTU1By8Rg> > > > > > > > -- > H

Re: [Architecture] Decoupling Client Authentication from OAuth2 Flow

lemented >> since the authentication was tightly coupled to the rest of the flow. >> >>> >>> >>> Thanks >>> Isura >>>> >>>> >>>> [1] http://openid.net/specs/openid-connect-core-1_0.html#Cli >>>> entAuthentication >>>> <

Re: [Architecture] Decoupling Client Authentication from OAuth2 Flow

On Tue, Jan 23, 2018 at 1:48 PM, Hasintha Indrajee <hasin...@wso2.com> wrote: > > > On Tue, Jan 23, 2018 at 1:18 PM, Darshana Gunawardana <darsh...@wso2.com> > wrote: > >> Hi Hasintha, >> >> On Tue, Jan 9, 2018 at 5:53 PM, Hasintha Indrajee <hasin..

Re: [Architecture] Decoupling Client Authentication from OAuth2 Flow

On Tue, Jan 23, 2018 at 2:19 PM, Hasintha Indrajee <hasin...@wso2.com> wrote: > > > On Tue, Jan 23, 2018 at 2:09 PM, Darshana Gunawardana <darsh...@wso2.com> > wrote: > >> >> >> On Tue, Jan 23, 2018 at 1:48 PM, Hasintha Indrajee <hasin...@wso2.co

Re: [Architecture] [Dev] Consent Management APIs for IS 5.5.0

On Thu, Feb 1, 2018 at 6:18 PM, Omindu Rathnaweera <omi...@wso2.com> wrote: > Hi Darshana, > > On Thu, Feb 1, 2018 at 5:42 PM, Darshana Gunawardana <darsh...@wso2.com> > wrote: > >> >> On Thu, Feb 1, 2018 at 5:13 PM, Isura Karunaratne <is...@wso2.com&

Re: [Architecture] Generalizing Post Authentictaion Handling in Authentictaion Framework.

rvices. Upon this change, missing mandatory claim > handler and authorization handler will be two OSGI post authentication > handlers. > > -- > Hasintha Indrajee > WSO2, Inc. > Mobile:+94 771892453 <+94%2077%20189%202453> > > -- Regards, *Darshana Gunawardana*Te

Re: [Architecture] [New Feature]: Cross Protocol IDP initiated SSO flow

>> Web: http://wso2.com/ >> Email : gdrdabar...@gmail.com >> LinkedIn <https://lk.linkedin.com/in/dinalidabarera> >> Mobile: +94770198933 >> >> >> >> >> <https://lk.linkedin.com/in/dinalidabarera> >> >> >> >> &

Re: [Architecture] [RRT]Calculating a risk score for authentication requests

gt;>>>>>>>>>>> On Mon, Jan 15, 2018 at 8:04 PM, Johann Nallathamby < >>>>>>>>>>>> joh...@wso2.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> *[-IAM, RRT]* >>

Re: [Architecture] [Dev] [VOTE] Release WSO2 Identity Server 5.5.0 RC1

gt;>>>>>> >>>>>>>- for user-mgt ui component in EI product >>>>>>>- in Windows environment >>>>>>> >>>>>>> Since we want to align same component versions among EI & IS, we >>

Re: [Architecture] [Dev] [VOTE] Release WSO2 Identity Server 5.5.0 RC2

;>>>>>> >>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-beta> >>>>>>>- 5.5.0-Alpha3 fixes >>>>>>> >>>>>>> <https://github.com/wso2/product-is/issues?q=is%3

[Architecture] [VOTE] Release WSO2 Identity Server 5.5.0 RC2

o ahead and release [-] Broken - do not release (explain why) Thanks, - WSO2 Identity and Access Management Team - -- Regards, *Darshana Gunawardana*Technical Lead WSO2 Inc.; http://wso2.com *E-mail: darsh...@wso2.com <darsh...@

Re: [Architecture] [VOTE] Release WSO2 Identity Server 5.5.0 RC1

O2 Inc. http://wso2.com >>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032> >>> >>> <+94%2071%20411%205032> >>> >> >> >> >> -- >> Farasath Ahamed >> Senior Software Engineer, WSO2 Inc.; h

Re: [Architecture] [IS] Consistent behavior for the unique identifier of the SP in different protocols

inked-in: > http://www.linkedin.com/pub/harsha-thirimanna/10/ab8/122 > <http://wso2.com/signature> > -- Regards, *Darshana Gunawardana*Technical Lead WSO2 Inc.; http://wso2.com *E-mail: darsh...@wso2.com * *Mobile: +94718566859*Lean . Enterprise . Middleware _

Re: [Architecture] [IAM] Validating Scopes during Access Token Issuing Phase

ture.jpg] >> > > > -- > Ishara Karunarathna > Senior Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile: > +94717996791 > > > __

Re: [Architecture] [IAM] - Implementing SAML2 Federated IdP Initiated Logout

*Figure-02* >> >> We would like to have your feedback and suggestions in this regard. >> >> Thanks & regards, >> Isanka >> >> -- >> Isanka Rajapaksha | Software Engineer Intern | WSO2 Inc >> (m) +94 702515205 | (e) isa.

Re: [Architecture] OIDC Federated Logout for Identity Server

phases are hoped to be carried out in the coming >> weeks. >> > > > -- > *Malithi Edirisinghe* | Technical Lead | WSO2 Inc. > (m) +94 718176807 | (w) +94 11 214 5345 | (e) malit...@wso2.com > GET INTEGRATION AGILE > Integration Agility for Digitally Driven Bus

Re: [Architecture] SAML2 Request Validity Period validation

> -- > *Dinali Rosemin Dabarera* > Senior Software Engineer > IAM Domain > WSO2 Lanka (pvt) Ltd. > Web: http://wso2.com/ > Email : gdrdabar...@gmail.com > LinkedIn <https://lk.linkedin.com/in/dinalidabarera> > Mobile: +94770198933 > > > > > <http

Re: [Architecture] [Dev] Binding access token to the browser for new IAM Portal Applications

Hi Thanuja, On Sat, Sep 28, 2019 at 8:28 PM Darshana Gunawardana wrote: > Hi Johann, > > On Sat, Sep 21, 2019 at 10:43 AM Johann Nallathamby > wrote: > >> Hi Thanuja, >> >> Did we consider sending the access token itself as a secure, http-only >> c

Re: [Architecture] Step up authentication for accessing high value resources/transactions

gt;>> *Nipun Thathsara* >>> Software Engineer | WSO2 >>> >>> Email : nip...@wso2.com >>> Mobile : +94713031875 >>> Web : http://wso2.com >>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>> >> >>

Re: [Architecture] [Dev] Binding access token to the browser for new IAM Portal Applications

4 (77) 7776950 | (w) +94 (11) 2145345 | (e) joh...@wso2.com > [image: Signature.jpg] > ___ > Dev mailing list > d...@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- Regards, *Darshana Gunawardana*Technical Lead WSO2 Inc.

Re: [Architecture] [IAM][IS 5.10.0] REST APIs For Federated Associations Of The User

: +94 714221776 > web : http://wso2.com > <https://www.google.com/url?q=http://wso2.com=D=151765338399=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> > > https://wso2.com/signature > -- Regards, *Darshana Gunawardana*Technical Lead WSO2 Inc.; http:

Re: [Architecture] [IAM][IS 5.10.0] REST APIs For Federated Associations Of The User

du Bandara* > Senior Software Engineer | WSO2 > > Email : tharin...@wso2.com > Mobile : +94 714221776 > web : http://wso2.com > <https://www.google.com/url?q=http://wso2.com=D=151765338399=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> > > https://wso2.com/signature > -

Re: [Architecture] [IAM] Calling REST APIs On-behalf Of My Associated Accounts

arbon-auth-rest/pull/92 > > Regards, > Tharindu. > -- > *Tharindu Bandara* > Senior Software Engineer | WSO2 > > Email : tharin...@wso2.com > Mobile : +94 714221776 > web : http://wso2.com > <https://www.google.com/url?q=http://wso2.com=D=151765338399=AFQjCNFg

Re: [Architecture] Supporting Email or Mobile as the Preferred Communication Channel for Users

ues/6339 > [4] - https://github.com/wso2/product-is/issues/6116 > > Thanks and Regards, > Sominda. > > On Wed, Nov 27, 2019 at 8:21 AM Darshana Gunawardana > wrote: > >> Hi Sominda, >> >> This is a nice feature addition to the product. Thanks for getting

Re: [Architecture] Supporting Email or Mobile as the Preferred Communication Channel for Users

e for WSO2 identity server for >>>> following requirements. >>>> >>>>- *Support account verification for users in user self-registration >>>>via Email or mobile (SMS) channel.* >>>>- *Support Mobile or Email channel for recovery flows.

Re: [Architecture] Maintaining IS-Archetypes

Do we have an archetype for PostAuthenticationHandlers? On Wed, Oct 9, 2019 at 3:37 PM Inthirakumaaran Tharmakulasingham < inthirakumaa...@wso2.com> wrote: > Hi all, > > We had an offline discussion with @Darshana Gunawardana > @Omindu Rathnaweera @Jayanga > Kaushalya

Re: [Architecture] WSO2 Identity Server REST API Error Response Standardization

;>> >>>>> *Client errors in server APIs* >>>>> >>>>> For client errors in server APIs, we have allocated the range starting >>>>> from 500. >>>>> >>>>> Eg: USR-5

Re: [Architecture] IAM Controller(IAM-CTL)- Command Line Extension for WSO2 Identity Server

ntern- Engineering team | WSO2 >>> >>> (m) +94778345567 | (e) piyu...@wso2.com >>> >>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>> >> >> >> -- >> Godwin Amila Shrimal | Technical Lead | WSO2 Inc. >&g

Re: [Architecture] IAM Controller(IAM-CTL)- Command Line Extension for WSO2 Identity Server

[Removing invalid mail address] On Fri, Apr 3, 2020 at 5:53 PM Darshana Gunawardana wrote: > +Thumilan Mikunthan +Sathiyakugan Balakrishnan > > > On Tue, Jan 21, 2020 at 5:21 PM Isura Karunaratne wrote: > >> Hi Godwin, >> >> On Tue, Jan 21, 2020 at 5:14 PM