Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server Analytics 5.7.0 RC3

2018-09-18 Thread Chuhaashanan Nagenthiran
Hi All,

I have tested the following and no issues were found.

   - Suspicious login attempts dashboard
   - Overall login attempts dashboard

[+] Stable - go ahead and release.

Regards,
Chuhaashanan

On Tue, Sep 18, 2018 at 5:25 PM Anuradha Karunarathna 
wrote:

> Hi All,
>
> I have tested the following and no issues were found.
> Suspicious login attempts dashboard
> Overall login attempts dashboard
> Configuring risk-based Adaptive Authentication
>
>
> [+] Stable - go ahead and release
>
>
> *Anuradha Karunarathna*
> Intern-Software Engineering | WSO2,inc.
>
>
>
> On Tue, Sep 18, 2018 at 5:21 PM, Tharindu Bandara 
> wrote:
>
>> Hi all,
>>
>> I have tested the following on WSO2 Identity Server Analytics 5.7.0 RC3.
>>
>>    - Risk based adaptive authentication.
>>    - Successful local login attempt.
>>    - Failed local login attempt.
>>    - Suspicious login attempt.
>>
>> No blocking issues were found.
>>
>> *[+] Stable - go ahead and release*
>>
>> Thanks,
>> Tharindu
>>
>> On Tue, Sep 18, 2018 at 5:07 PM Chamath Samarawickrama 
>> wrote:
>>
>>> Hi,
>>>
>>> I have tested the following on WSO2 Identity Server Analytics 5.7.0 RC3.
>>>
>>>    - Overall login attempts dashboard
>>>    - Suspicious login attempts dashboard
>>>    - Login sessions dashboard
>>>    - Configuring risk-based Adaptive Authentication
>>>
>>> No blocking issues were found.
>>>
>>> *[+] Stable - go ahead and release*
>>>
>>> Thanks,
>>> Chamath
>>>
>>> On Tue, Sep 18, 2018 at 3:42 PM Nuwandi Wickramasinghe <
>>> nuwan...@wso2.com> wrote:
>>>
>>>> Hi All,
>>>>
>>>> We are pleased to announce the third release candidate of WSO2 Identity
>>>> Server Analytics 5.7.0.
>>>>
>>>> This release fixes the following issues,
>>>>
>>>>    - 5.7.0-RC3 Fixes
>>>>    - 5.7.0-RC2 Fixes
>>>>    - 5.7.0-RC1 Fixes
>>>>
>>>> Source and distribution,
>>>>
>>>>    - https://github.com/wso2/analytics-is/releases/v5.7.0-rc3
>>>>
>>>> Please download, test the product and vote.
>>>>
>>>> [+] Stable - go ahead and release
>>>> [-] Broken - do not release (explain why)
>>>>
>>>> Thanks,
>>>> - WSO2 Identity and Access Management Team -
>>>>
>>>> --
>>>> Best Regards,
>>>> Nuwandi Wickramasinghe
>>>> Senior Software Engineer
>>>> WSO2 Inc.
>>>> Web : http://wso2.com
>>>> Mobile : 0719214873
>>>>

>>>
>>>
>>> --
>>> *Chamath Samarawickrama*
>>> Intern | WSO2, Inc.
>>> Mobile : +94772598944
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>
>>
>> --
>> *Tharindu Bandara*
>> Software Engineer | WSO2
>>
>> Email : tharin...@wso2.com
>> Mobile : +94 714221776
>> web : http://wso2.com
>> 
>>
>> https://wso2.com/signature
>>
>> ___
>> Architecture mailing list
>> architect...@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>


-- 
Chuhaashanan
Intern - Software Engineering


Re: [Dev] [Architecture] [VOTE] Release WSO2 Identity Server 5.7.0 RC3

2018-09-13 Thread Chuhaashanan Nagenthiran
Hi All,

I have tested the following scenarios with PostgreSQL database and didn't get
any issues.

   - Configuring a service provider for adaptive authentication
   - Configuring Role-Based Adaptive Authentication
   - Configuring User-Age-Based Adaptive Authentication
   - Configuring Tenant-Based Adaptive Authentication
   - Configuring User Store-Based Adaptive Authentication
   - Configuring IP-Based Adaptive Authentication
   - Configuring New-Device-Based Adaptive Authentication
   - Configuring ACR-Based Adaptive Authentication
   - Using WSO2 Stream Processor for Adaptive Authentication
   - Configuring Risk-Based Adaptive Authentication
   - Configuring login-based adaptive authentication

[+] Stable - Go ahead and release.

Regards,
Chuhaashanan

On Fri, Sep 14, 2018 at 9:25 AM Mevan Karunanayake  wrote:

> Hi all,
>
> I have tested the following scenarios on IS 5.7.0-RC3 pack using Oracle
> database and didn't find any issues;
>
>    - Configuring a service provider for adaptive authentication
>    - Configuring Role-Based Adaptive Authentication
>    - Configuring User-Age-Based Adaptive Authentication
>    - Configuring IP-Based Adaptive Authentication
>    - Configuring New-Device-Based Adaptive Authentication
>    - Using WSO2 Stream Processor for Adaptive Authentication
>    - Configuring Risk-Based Adaptive Authentication
>    - Configuring login-based adaptive authentication
>
> [+] Stable - Go ahead and release.
>
> Regards,
>
> Mevan Karunanayake
>
>
> On Fri, Sep 14, 2018 at 6:27 AM, Rushmin Fernando 
> wrote:
>
>> I tested following scenarios with MySQL 5.7
>>
>> *Configurations*
>> Email username was enabled.
>> OAuth token encryption was enabled.
>> Internal keystore was configured.
>>
>> *Scenarios*
>>
>>
>> SCIM API
>> --------
>>
>> Create a user in primary user store and a JDBC secondary user store
>> Get user
>> Create group
>> Assign a user to a group
>> Remove a user from a group
>> Delete user
>> Delete group
>>
>> DCR API
>> -------
>>
>> Create application
>> Delete application
>>
>> Application Management - SOAP API
>> ---------------------------------
>>
>> Update SP with a certificate and a new owner
>> Delete SP
>>
>> SCOPE API
>> ---------
>>
>> Create scope
>> Get scope
>> Delete scope
>>
>> Identity Provider Management - SOAP API
>> ---------------------------------------
>>
>> Create IDP
>> Update IDP with a certificate
>> Delete IDP
>>
>> OAuth Token API
>> ---------------
>>
>> Token with client credentials and password grant types
>> Token introspection
>>
>> [+] Stable - Go ahead and release
>>
>> On Fri, Sep 14, 2018 at 2:00 AM Ashen De Silva  wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following scenarios with the H2 default database.
>>>
>>>    - Configuring a service provider for OAuth/OpenID Connect and
>>>    authenticating with the playground2 app.
>>>    - Configuring a service provider for SAML SSO.
>>>    - Add user, roles, and update permissions.
>>>
>>> *[+] Stable - Go ahead and release*
>>>
>>> Regards,
>>> Ashen
>>>
>>>
>>> On Thu, Sep 13, 2018 at 11:31 PM, Tharindu Edirisinghe <
>>> tharin...@wso2.com> wrote:
>>>
>>>> Evaluated the static code analysis and dynamic security analysis
>>>> reports.
>>>>
>>>> All the flagged issues are found to be false positives.
>>>>
>>>> [+] Stable in terms of security - Go ahead and release
>>>>
>>>> Thanks,
>>>> Tharindu Edirisinghe
>>>>
>>>> On Thu, Sep 13, 2018 at 10:48 PM Pamoda Wimalasiri
>>>> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> I tested below scenarios with DB2 database.
>>>>>
>>>>>    - Self-registration and account confirmation
>>>>>    - Self-registration consent purposes
>>>>>    - Just-In-Time Provisioning Consent Purposes
>>>>>    - SAML2 Artifact binding and authenticate
>>>>>
>>>>> No blocking issues found.
>>>>>
>>>>> [+] Stable - Go ahead and release
>>>>>
>>>>> Thanks,
>>>>> Pamoda
>>>>>
>>>>> On Thu, Sep 13, 2018 at 10:39 PM Vihanga Liyanage
>>>>> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> Tested below scenarios on IS 5.7.0-RC2 pack using the default H2
>>>>>> database and Postgres SQL database.
>>>>>>
>>>>>>    - Started with *-Dsetup* property in Postgres and DB scripts
>>>>>>    executed without any issues.
>>>>>>    - Add service provider, configured SAML SSO, authenticate with
>>>>>>    *the dispatch* sample web app.
>>>>>>    - Enable SAML2 Artifact binding and authenticate.
>>>>>>    - Add SP certificate, enable signature validation in SAML2
>>>>>>    artifact resolve request and authenticate.
>>>>>>    - Add new SP with Open ID OAuth/OpenID Connect Configuration and
>>>>>>    authenticate with *the playground* sample web app. Tested all
>>>>>>    OAuth grant types.
>>>>>>    - Add SP certificate, enable ID token encryption, authenticate
>>>>>>    and decrypt the encrypted ID token by providing the private key of
>>>>>>    the SP.
>>>>>>
>>>>>> No blocking issues found.
>>>>>>
>>>>>> [+] Stable - Go ahead and release
>>>>>>

Re: [Dev] [IS] Architecture - API to Retrieve Authentication Session Information

2018-09-04 Thread Chuhaashanan Nagenthiran
Here, SessionID is got from the cookie and user makes the API call by using
the sessionID.

Thanks.

On Tue, Sep 4, 2018 at 5:32 PM, Dulanja Liyanage  wrote:

> In that case, how does the user get hold of the SessionID to do the API
> call? Does s/he have to get it from the cookie? or is there another API that
> provides all the commonauthId values that were generated for all the
> browser sessions?
>
> Thanks.
>
> On Tue, Sep 4, 2018 at 2:39 PM, Chuhaashanan Nagenthiran <
> chuhaasha...@wso2.com> wrote:
>
>> Hi Dulanja,
>>
>> Yes. SessionID is the same value in commonauth cookie.
>>
>> Regards,
>>
>> On Tue, Sep 4, 2018 at 12:48 PM, Dulanja Liyanage 
>> wrote:
>>
>>> Hi Chuhaashanan,
>>>
>>> How is this SessionID generated? Is it same as the value of commonauthId
>>> cookie?
>>>
>>> Thanks,
>>> Dulanja
>>>
>>> On Mon, Sep 3, 2018 at 6:16 PM, Chuhaashanan Nagenthiran <
>>> chuhaasha...@wso2.com> wrote:
>>>
>>>> +1
>>>>
>>>> On Mon, Sep 3, 2018 at 5:42 PM, Ruwan Abeykoon  wrote:
>>>>
>>>>> Hi Chuhaashanan,
>>>>> It would be much extensible if "Session" table has JSON structure or
>>>>> something along, having "Browser, OS, Location" etc.
>>>>> Reason is that, Browser info has lot of sub units (e.g. Engine,
>>>>> Version), OS (Type, Version, Distribution), Location(Country, City,
>>>>> Coordinates)
>>>>> Also we might need Device.
>>>>>
>>>>> Cheers,
>>>>> Ruwan
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> *Ruwan Abeykoon*
>>>>> *Associate Director/Architect**,*
>>>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> *
>>>>> *lean.enterprise.middleware.*
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Chuhaashanan
>>>> Intern - Software Engineering
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Thanks & Regards,
>>> Dulanja Liyanage
>>> Lead, Platform Security Team
>>> WSO2 Inc.
>>>
>>
>>
>>
>> --
>> Chuhaashanan
>> Intern - Software Engineering
>>
>>
>
>
> --
> Thanks & Regards,
> Dulanja Liyanage
> Lead, Platform Security Team
> WSO2 Inc.
>



-- 
Chuhaashanan
Intern - Software Engineering


Re: [Dev] [IS] Architecture - API to Retrieve Authentication Session Information

2018-09-04 Thread Chuhaashanan Nagenthiran
Yes. It should be added.

Thanks

On Tue, Sep 4, 2018 at 12:56 PM, Dulanja Liyanage  wrote:

> Also, you should have another column in the User table to maintain the
> userstore domain. Isn't it?
>
> On Tue, Sep 4, 2018 at 12:48 PM, Dulanja Liyanage 
> wrote:
>
>> Hi Chuhaashanan,
>>
>> How is this SessionID generated? Is it same as the value of commonauthId
>> cookie?
>>
>> Thanks,
>> Dulanja
>>
>> On Mon, Sep 3, 2018 at 6:16 PM, Chuhaashanan Nagenthiran <
>> chuhaasha...@wso2.com> wrote:
>>
>>> +1
>>>
>>> On Mon, Sep 3, 2018 at 5:42 PM, Ruwan Abeykoon  wrote:
>>>
>>>> Hi Chuhaashanan,
>>>> It would be much extensible if "Session" table has JSON structure or
>>>> something along, having "Browser, OS, Location" etc.
>>>> Reason is that, Browser info has lot of sub units (e.g. Engine,
>>>> Version), OS (Type, Version, Distribution), Location(Country, City,
>>>> Coordinates)
>>>> Also we might need Device.
>>>>
>>>> Cheers,
>>>> Ruwan
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Ruwan Abeykoon*
>>>> *Associate Director/Architect**,*
>>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> *
>>>> *lean.enterprise.middleware.*
>>>>
>>>>
>>>
>>>
>>> --
>>> Chuhaashanan
>>> Intern - Software Engineering
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>> Dulanja Liyanage
>> Lead, Platform Security Team
>> WSO2 Inc.
>>
>
>
>
> --
> Thanks & Regards,
> Dulanja Liyanage
> Lead, Platform Security Team
> WSO2 Inc.
>



-- 
Chuhaashanan
Intern - Software Engineering


Re: [Dev] [IS] Architecture - API to Retrieve Authentication Session Information

2018-09-04 Thread Chuhaashanan Nagenthiran
Hi Dulanja,

Yes. SessionID is the same value in commonauth cookie.

Regards,

On Tue, Sep 4, 2018 at 12:48 PM, Dulanja Liyanage  wrote:

> Hi Chuhaashanan,
>
> How is this SessionID generated? Is it same as the value of commonauthId
> cookie?
>
> Thanks,
> Dulanja
>
> On Mon, Sep 3, 2018 at 6:16 PM, Chuhaashanan Nagenthiran <
> chuhaasha...@wso2.com> wrote:
>
>> +1
>>
>> On Mon, Sep 3, 2018 at 5:42 PM, Ruwan Abeykoon  wrote:
>>
>>> Hi Chuhaashanan,
>>> It would be much extensible if "Session" table has JSON structure or
>>> something along, having "Browser, OS, Location" etc.
>>> Reason is that, Browser info has lot of sub units (e.g. Engine,
>>> Version), OS (Type, Version, Distribution), Location(Country, City,
>>> Coordinates)
>>> Also we might need Device.
>>>
>>> Cheers,
>>> Ruwan
>>>
>>>
>>>
>>> --
>>>
>>> *Ruwan Abeykoon*
>>> *Associate Director/Architect**,*
>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> *
>>> *lean.enterprise.middleware.*
>>>
>>>
>>
>>
>> --
>> Chuhaashanan
>> Intern - Software Engineering
>>
>>
>>
>>
>
>
> --
> Thanks & Regards,
> Dulanja Liyanage
> Lead, Platform Security Team
> WSO2 Inc.
>



-- 
Chuhaashanan
Intern - Software Engineering
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev


Re: [Dev] [IS] Architecture - API to Retrieve Authentication Session Information

2018-09-03 Thread Chuhaashanan Nagenthiran
+1

On Mon, Sep 3, 2018 at 5:42 PM, Ruwan Abeykoon  wrote:

> Hi Chuhaashanan,
> It would be much extensible if "Session" table has JSON structure or
> something along, having "Browser, OS, Location" etc.
> Reason is that, Browser info has lot of sub units (e.g. Engine, Version),
> OS (Type, Version, Distribution), Location(Country, City, Coordinates)
> Also we might need Device.
>
> Cheers,
> Ruwan
>
>
>
> --
>
> *Ruwan Abeykoon*
> *Associate Director/Architect**,*
> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> *
> *lean.enterprise.middleware.*
>
>


-- 
Chuhaashanan
Intern - Software Engineering


[Dev] [IS] Architecture - API to Retrieve Authentication Session Information

2018-08-15 Thread Chuhaashanan Nagenthiran
Hi All,

*Problem*

A user may want to view his recently or currently logged in session
details and terminate a currently logged in acc. But wso2 IS server does
not provide this function now.


*Solution*

Develop an API to provide the following functionalities.

   - Retrieve information of currently logged in and recently used
   sessions since last password changes.
   - Retrieve Time, location, OS and browser details of each session Logged
   in and recently used.
   - Terminate a particular logged in account.


*Retrieve session information*

   - *User can view his currently logged in details and recently used session
   information. In each session, information about last time used, location,
   browser and OS details.*
   - *To view information, user has to request HTTP GET request with
   SessionID and can query by ServiceProvider detail for particular account.
   Then API will query alive UserID for given details and produce required
   information for user.*


*Terminate a particular account*

   - If a user or admin wants to log out from a logged in account, he
   can terminate particular account session.
   - If Identity Provider/ Service Provider/ User Account is deleted by
   admin, session will be automatically terminated by event listeners.
   - *To terminate an account, user has to request HTTP POST request with
   SessionID and can query by ServiceProvider detail for particular account.
   Then API will query alive UserID for given details and terminate account.*


*Database design*

   - *UserID* which is mapped to *IDP, IDP UserID* and *Service Provider*
   is used to identify unique account.
   - Through *UserID*, information of particular account will be provided.
   - In *Session* table, details of *Browser, OS* and *Location* will not
   be used in query. So we can store this information as JSON object.


Regards

-- 
Chuhaashanan
Intern - Software Engineering
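
The database design and the two calls proposed above, as an added example that is not part of the original post and is not WSO2 code. SQLite stands in for the database; the table and column names, the opaque `ref` used to pick the session to terminate, the sample rows, and storing a SHA-256 of the SessionID instead of the raw cookie value are all assumptions of this example.

```python
import hashlib
import json
import sqlite3

SCHEMA = """
CREATE TABLE user_account (            -- one row per unique account
    user_id          INTEGER PRIMARY KEY,
    idp              TEXT NOT NULL,
    idp_user_id      TEXT NOT NULL,
    service_provider TEXT NOT NULL,
    UNIQUE (idp, idp_user_id, service_provider)
);
CREATE TABLE session (
    id          INTEGER PRIMARY KEY,   -- opaque reference shown to the user (assumption)
    session_key TEXT NOT NULL,         -- SHA-256 of the SessionID, not the raw cookie value
    user_id     INTEGER NOT NULL REFERENCES user_account(user_id),
    last_used   TEXT NOT NULL,
    terminated  INTEGER NOT NULL DEFAULT 0,
    meta        TEXT NOT NULL,         -- JSON: browser, os, location (never queried)
    UNIQUE (session_key, user_id)
);
"""

def session_key(session_id):
    return hashlib.sha256(session_id.encode()).hexdigest()

def resolve_user(db, session_id, service_provider):
    """Map a live SessionID plus service provider to the account's UserID."""
    row = db.execute(
        "SELECT s.user_id FROM session s JOIN user_account u ON u.user_id = s.user_id "
        "WHERE s.session_key = ? AND u.service_provider = ? AND s.terminated = 0",
        (session_key(session_id), service_provider)).fetchone()
    if row is None:
        raise PermissionError("no live session for this service provider")
    return row[0]

def list_sessions(db, session_id, service_provider):
    """GET: current and recent sessions of the caller's own account only."""
    user_id = resolve_user(db, session_id, service_provider)
    rows = db.execute(
        "SELECT id, last_used, terminated, meta FROM session "
        "WHERE user_id = ? ORDER BY last_used DESC", (user_id,))
    return [{"ref": r[0], "last_used": r[1], "active": not r[2], **json.loads(r[3])}
            for r in rows]

def terminate(db, session_id, service_provider, target_ref):
    """POST: terminate one session, but only if it belongs to the caller's UserID."""
    user_id = resolve_user(db, session_id, service_provider)
    cur = db.execute(
        "UPDATE session SET terminated = 1 "
        "WHERE id = ? AND user_id = ? AND terminated = 0", (target_ref, user_id))
    return cur.rowcount == 1

def build_demo_db():
    """Constructed sample data: two accounts on one service provider."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO user_account VALUES (?, ?, ?, ?)", [
        (1, "LOCAL", "alice", "sample-sp"),
        (2, "LOCAL", "bob", "sample-sp")])
    meta = lambda browser, os_type, country: json.dumps(
        {"browser": {"name": browser}, "os": {"type": os_type},
         "location": {"country": country}})
    db.executemany(
        "INSERT INTO session (id, session_key, user_id, last_used, meta) "
        "VALUES (?, ?, ?, ?, ?)", [
            (10, session_key("sid-alice-laptop"), 1, "2018-08-15T14:09:00",
             meta("Firefox", "Linux", "LK")),
            (11, session_key("sid-alice-phone"), 1, "2018-08-14T09:30:00",
             meta("Chrome", "Android", "LK")),
            (20, session_key("sid-bob-desktop"), 2, "2018-08-15T10:00:00",
             meta("Chrome", "Windows", "LK"))])
    return db

if __name__ == "__main__":
    demo = build_demo_db()
    for entry in list_sessions(demo, "sid-alice-laptop", "sample-sp"):
        print(entry)
```

Both calls scope their query by the UserID resolved from the caller's own live session, so a `ref` belonging to another account matches no row.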