Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 4A31E200C1B for ; Tue, 14 Feb 2017 21:10:33 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 48C5F160B5F; Tue, 14 Feb 2017 20:10:33 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 94C1E160B45 for ; Tue, 14 Feb 2017 21:10:32 +0100 (CET) Received: (qmail 40117 invoked by uid 500); 14 Feb 2017 20:10:31 -0000 Mailing-List: contact dev-help@syncope.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@syncope.apache.org Delivered-To: mailing list dev@syncope.apache.org Received: (qmail 40105 invoked by uid 99); 14 Feb 2017 20:10:31 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Feb 2017 20:10:31 +0000 Received: from [172.21.36.159] (unknown [88.214.162.116]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id 3F7F51A0015 for ; Tue, 14 Feb 2017 20:10:31 +0000 (UTC) Subject: Re: Using email as authentication in addition to user name To: dev@syncope.apache.org References: From: =?UTF-8?Q?Francesco_Chicchiricc=c3=b2?= Message-ID: <15822d66-e404-c2cc-41ac-d054a69fb454@apache.org> Date: Tue, 14 Feb 2017 21:10:29 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit archived-at: Tue, 14 Feb 2017 20:10:33 -0000 On 14/02/2017 14:48, Ravindra Singareddy wrote: > Good Morning Syncope Users, > > I have a simple use case of authenticating users using email in addition to the username. What will be best practices approach, to make an addition to existing code base without losing integrity? Hi Ravi, there is currently no OOTB support for authenticating users by anything but username. This looks, however, like a nice feature: one can think to add a new configuration parameter [1] enlisting the attribute(s) that can be used for authentication (for example, ["username", "email", "socialSecurityNumber"]), and Syncope will attempt authentication against the configured parameters, in order, until one succeeds or all fail. Would you mind opening a new feature issue on JIRA? The code responsible for the current behavior is [2]. Until the new feature will be added, you might also have the possibility to do something similar, even if it is not trivial. Essentially, you will need to, in your own local project (please note that I am not talking of Syncope sources, but of the project you should have generated from archetype): 1. create the directory core/spring/src/main/java/org/apache/syncope/core/spring/security 2. download the class of [2] and place it in the directory created above 3. replace the line [2] with the logic for authenticating via email address, that I have sketched in [3] This *should* work, even though I have no time right now to give it a try. HTH Regards. [1] https://syncope.apache.org/docs/reference-guide.html#configuration-parameters [2] https://github.com/apache/syncope/blob/2_0_X/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java#L133 [3] https://paste.apache.org/iodX -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/