syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francesco Chicchiriccò <ilgro...@apache.org>
Subject Re: Using email as authentication in addition to user name
Date Wed, 15 Feb 2017 12:19:57 GMT
Hi Ravi,
as you might have noticed, I have provided that feature; it will be 
officially available in Syncope 2.0.3, but you can find it in 
2.0.3-SNAPSHOT too.

If you want to try it out, please revert all changes suggested below in 
your generated Maven project, set the two fields with Syncope version to 
2.0.3-SNAPSHOT in your root pom.xml, then add

<repositories>
   <repository>
     <id>ASF</id>
<url>https://repository.apache.org/content/repositories/snapshots/</url>
     <snapshots>
       <enabled>true</enabled>
     </snapshots>
   </repository>
</repositories>

right before </project>.

At this point you can build again and authentication by email will be 
available.

Regards.

On 15/02/2017 07:15, Ravindra Singareddy wrote:
> Hi Francesco,
>
> 1) Created (SYNCOPE-1015) User Authentication using email
>
> 2) created a project from maven archetype.
>
> 3) Modified source code as per instructions, as reference [3]
>
> 4) Did testing using RESTFul API and from syncope enduser GUI, both of them failed.
>
> Analysis of Failure:
>
> 4) Search based on user email worked and password is authenticated successfully for email.
>
> 5) The authentication method is returning true.
>
> 6) After successful authentication  client calls self method
>
> Pair<Map<String, Set<String>>, UserTO> self = client.self();
>
> 7) Client self, in turn, calls createServiceInstance method of RestClientFactoryBean
and which is throwing error.
>
> Thanks
>
> Ravi
> ________________________________
> From: Francesco Chicchiriccò <ilgrosso@apache.org>
> Sent: Tuesday, February 14, 2017 8:10 PM
> To: dev@syncope.apache.org
> Subject: Re: Using email as authentication in addition to user name
>
> On 14/02/2017 14:48, Ravindra Singareddy wrote:
>> Good Morning Syncope Users,
>>
>> I have a simple use case of authenticating users using email in addition to the username.
What will be best practices approach, to make an addition to existing code base without losing
integrity?
> Hi Ravi,
> there is currently no OOTB support for authenticating users by anything
> but username.
>
> This looks, however, like a nice feature: one can think to add a new
> configuration parameter [1] enlisting the attribute(s) that can be used
> for authentication (for example, ["username", "email",
> "socialSecurityNumber"]), and Syncope will attempt authentication
> against the configured parameters, in order, until one succeeds or all fail.
> Would you mind opening a new feature issue on JIRA?
>
> The code responsible for the current behavior is [2].
>
> Until the new feature will be added, you might also have the possibility
> to do something similar, even if it is not trivial.
>
> Essentially, you will need to, in your own local project (please note
> that I am not talking of Syncope sources, but of the project you should
> have generated from archetype):
>
> 1. create the directory
> core/spring/src/main/java/org/apache/syncope/core/spring/security
> 2. download the class of [2] and place it in the directory created above
> 3. replace the line [2] with the logic for authenticating via email
> address, that I have sketched in [3]
>
> This *should* work, even though I have no time right now to give it a try.
>
> HTH
> Regards.
>
> [1] https://syncope.apache.org/docs/reference-guide.html#configuration-parameters
> [2] https://github.com/apache/syncope/blob/2_0_X/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java#L133
> [3] https://paste.apache.org/iodX

-- 
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/

Mime
View raw message