Hi Thanuja, Thanks for the clarification. One more thing. Is there a way that we can avoid specific users to login to the Management Console who has " permission/admin/login" permission?
Thanks & Regards, Mushthaq On Thu, Oct 26, 2017 at 7:28 PM, Thanuja Jayasinghe <than...@wso2.com> wrote: > Hi Mushthaq, > > UserAccountAssociationService.switchLoggedInUser() service method is only > useful for users who has logged in session. Because this feature provides > support for switch between associated user accounts in that logged in > session. In order to create a session we need to call A > uthenticationAdmin.login() and in this service method, we do check > whether the user has permission/admin/login permission[1]. So it is a > must to have permission/admin/login permission for any user who is using > switchLoggedInUser method. > > I think this gives the rationality for other methods which have the same > permission level. > > [1] - https://github.com/wso2/carbon-kernel/blob/4.4.x/core/ > org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/ > core/services/authentication/AuthenticationAdmin.java#L110 > > Thanks, > Thanuja > > On Thu, Oct 26, 2017 at 6:18 PM, Mushthaq Rumy <musht...@wso2.com> wrote: > >> Hi All, >> >> Is there a specific reason to have "/permission/admin/login" in some of >> the operations in UserAccountAssociationService? >> >> This permission will allow the users to login to the Management Console >> and In case, if someone wants to use these operations of >> UserAccountAssociationService in a separate client application and he/she >> does not want to the users of this application to login to the Management >> Console, what would be the work around and how can we solve this? >> >> Your thoughts on this is highly appreciated. >> >> Thanks & Regards, >> Mushthaq >> -- >> Mushthaq Rumy >> *Software Engineer* >> Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> >> Email : musht...@wso2.com >> WSO2, Inc.; http://wso2.com/ >> lean . enterprise . middleware. >> >> <http://wso2.com/signature> >> > > > > -- > *Thanuja Lakmal* > Associate Technical Lead > WSO2 Inc. http://wso2.com/ > *lean.enterprise.middleware* > Mobile: +94715979891 > -- Mushthaq Rumy *Software Engineer* Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> Email : musht...@wso2.com WSO2, Inc.; http://wso2.com/ lean . enterprise . middleware. <http://wso2.com/signature>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
