wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0

Need to document Supporting User store preference order during authentication #13894

Open nilasini opened 5 years ago

nilasini commented 5 years ago

Description: Requirement

  1. AD and LDAP have been configured for wrong password policies. AD and LDAP have the same user (let's say the username is bob) with a different password.
  2. Employees only can access SP1 (service provider) and employees' details are stored in UserStore1 (LDAP).
  3. Customers only can access SP2 and customers' details are stored in UserStore2 (AD).

Now if either an employee or a customer tries to log in to SP1 without specifying the userStoredomain, then the user will be searched for in both the user store domains. With 590 we can allow the users to be searched only through UserStore1 for the SP1 application, and allow the users to be searched only through UserStore2, by following the below steps.

  1. You need to implement the interface UserStorePreferenceOrderSupplier and write your own logic to retrieve the user store order (example: read from the registry). You can find the sample code in [1].
  2. Then extend CallBackHandlerFactory and create an object of your custom UserStorePreferenceOrderSupplier. [2]
  3. Once you have done the above step, configure the extended CallBackHandlerFactory in application-authentication.xml under the tag . as below.

```xml
<CallbackFactory>org.wso2.carbon.identity.custom.callback.userstore.CustomUserStoreOrderCallbackFactory</CallbackFactory>
```

Sample code can be found in [3]

[1] https://github.com/nilasini/user-store-order-callback-handler/blob/master/src/main/java/org/wso2/carbon/identity/custom/callback/userstore/RegistryBasedUserStoreOrderCallbackHandler.java

[2] https://github.com/nilasini/user-store-order-callback-handler/blob/master/src/main/java/org/wso2/carbon/identity/custom/callback/userstore/CustomUserStoreOrderCallbackFactory.java

[3] https://github.com/nilasini/user-store-order-callback-handler


ayshsandu commented 4 years ago

@nilasini can you please get the https://github.com/nilasini/user-store-order-callback-handler sample merged to the https://github.com/wso2/samples-is repository? Then, from the document, point links to user-store-order-callback-handler in https://github.com/wso2/samples-is