Hi All, In IoTServer and EMM, we noticed that resources owned by a user will become orphaned once particular user is deleted from the system. If someone created a user with same username again, above orphaned resources will get assigned to newly created user, since both users have same user name[1].
Anyway I believe, this shouldn't happen in the system since, it will lead to orphaned resources or allow two different people to have the same identity. Solutions: 1. Use the user delete workflow[2] to get user delete event and allocate resources from user being deleted to other user or admin. Also if required resources can be deleted or left as it is to be associated with future user who will have the same name. However this BP is bit complex and need additional specific implementations to filter resources and apply necessary actions. 2. Use status claim of user to indicate whether user is inactive instead of deleting user from the system. As long as user is not actually deleted from the system, there is no any possibility to have same user name for another user. Also it is involved with less implementation complexity and it is good in the sense of maintaining past statistics and historic artifacts within the system. However with above solutions, there is no way to identify if user was removed from external user store, without going through the carbon console or user management portal in IoTServer or EMM web app. I'm also wondering how APIM and APPM handle the same situation when user get deleted. WDYT? Is there any better solution to eliminate above issue? Your comments and thoughts are highly appreciated. [1] https://wso2.org/jira/browse/IOTS-73 [2] https://github.com/wso2/carbon-identity/blob/master/components/user-mgt/org.wso2.carbon.user.mgt.workflow/src/main/java/org/wso2/carbon/user/mgt/workflow/userstore/DeleteUserWFRequestHandler.java Thanks & Regards, /charithag -- *Charitha Goonetilleke* Software Engineer WSO2 Inc.; http://wso2.com lean.enterprise.middleware mobile: +94 77 751 3669 <%2B94777513669> Twitter:@CharithaWs <https://twitter.com/CharithaWs>, fb: charithag <https://www.facebook.com/charithag>, linkedin: charithag <http://www.linkedin.com/in/charithag>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
