On Tuesday, May 29, 2018, Rosen Silva <ros...@wso2.com> wrote: > Hi All, > > I'm implementing a feature for IS 5.5.0 to force users to add answers to > challenge questions. > This feature is implemented using PostAuthenticationHandler. > > The logic executes in the following order, > * Check whether the user has already added the answers from the post > authenticator > * If not, redirect users to a webpage (JSP file) to get the answers to the > challenge questions > * Check whether users have added the challenge questions > * Let users log in to sp if the user has filled the answers to challenge > questions > > > Clarifications with implementing the JSP page for retrieving and updating > answers to challenge questions > > AFAIK we can't use admin service for retrieve and update security > questions since we don't have the cookie while in the post-authentication > flow. > One possibility is to send the challenge questions to the webpage with the > HTTP serverlet request and get the answers back to post authentication > handler through serverlet response and add the answers to the challenge > questions. > Can you explain how we plan to retrieve the available challenge questions of the tenant in this approach?
> > Your input is appreciated. > > Thanks and regards, > -- > > *Rosen Silva* > Software Engineer - WSO2 > > Email: ros...@wso2.com > Mobile: +94770677418 > Web: https://wso2.com/ > -- Farasath Ahamed Senior Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature>
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
