On Thu, May 19, 2016 at 12:59 PM, Nuwan Dias <nuw...@wso2.com> wrote:
> IMO we should set <EnableEmailUsername> to 'true' in carbon.xml to be able > to create users in the form of u...@email.com. My opinion is that we > should prevent entering those type of usernames if that config is 'false'. > +1. IIRC current behavior was not there in Kernel 4.2.0 products. @IS team: was there any special reason to introduce this? As Dhanuka mentioned above, this leads to ambiguity between user *a...@x.com <a...@x.com>* of *super tenant* and user* abc* from tenant* x.com <http://x.com>. *And the most critical issue here is if we have a user *a...@x.com <a...@x.com>* in super tenant, it will break all the places where it uses *MultitenantUtils.getTenantAwareUsername. *So we need to come to a decision about this soon. Thanks, Bhathiya > > Thanks, > NuwanD. > > On Thu, May 19, 2016 at 11:23 AM, Dhanuka Ranasinghe <dhan...@wso2.com> > wrote: > >> Hi All, >> >> Currently we can add user with user name with @ sign, say for example if >> the user name is "test@user" without enabling Email User, Carbon >> Management console allow to add this user. But when we are trying to do the >> same thing as user sign up with APIM manager it's getting failed with super >> tenant. We found the root cause is at [1] line. Reason is from following >> highlighted code line we are getting *tenantAwareUserName* as *test* by >> removing* @user* part. Also *tenantName* also getting as *user*, which >> are wrong, and due to that realm become *Null*. >> >> There are few things need to be consider here. >> >> 1. Is it correct allowing to add username with *@* sign at Carbon >> Management Console without enable Email User? >> 2. Assume we have tenant domain called *wso2.com <http://wso2.com>*, >> then create user as *abc* with password *admin* in that domain space and >> again we create user as *a...@wso2.com <a...@wso2.com>* from super tenant >> space with password as *admin.* >> >> So when we try to login as* a...@wso2.com <a...@wso2.com>*, it login to >> *wso2.com >> <http://wso2.com>* tenant space. To login to super tenant user we need >> to login as *a...@wso2.com@carbon.super*. Will this be OK? >> >> [1] *org.wso2.carbon.identity.user.registration.UserRegistrationService.* >> *addUser(UserDTO)* >> *String tenantAwareUserName = >> MultitenantUtils.getTenantAwareUsername(user.getUserName());* >> *String tenantName = >> MultitenantUtils.getTenantDomain(user.getUserName());* >> *realm = IdentityTenantUtil.getRealm(tenantName, null);* >> >> >> Cheers, >> Dhanuka >> >> *Dhanuka Ranasinghe* >> >> Associate TechLead >> WSO2 Inc. ; http://wso2.com >> lean . enterprise . middleware >> >> phone : +94 715381915 >> > > > > -- > Nuwan Dias > > Technical Lead - WSO2, Inc. http://wso2.com > email : nuw...@wso2.com > Phone : +94 777 775 729 > -- *Bhathiya Jayasekara* *Senior Software Engineer,* *WSO2 inc., http://wso2.com <http://wso2.com>* *Phone: +94715478185* *LinkedIn: http://www.linkedin.com/in/bhathiyaj <http://www.linkedin.com/in/bhathiyaj>* *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* *Blog: http://movingaheadblog.blogspot.com <http://movingaheadblog.blogspot.com/>*
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev