0

We have a requirement to authenticate users of a web application deployed in WSO2 Application Server against an existing external database. We are trying using WSO2 Identity Server for this.

Our db table containing users has two columns which make a username unique, clientid and usercode. i.e. usercode is not unique by itself but clientid+usercode is unique. Also our passwords are salted with PBKDF2. So I have extended the JDBCUserStoreManager to talk to our database and am able to store and retrieve passwords in PBKDF2.

But I cant figure out how I can get the client id from the login page to our extended JDBCUserStoreManager. i.e how can I access clientid stored in users session, from inside our custom JDBCUserStoreManager? If I can get the clientid from the session in there, I can use it in the sql queries to do the needful.

Any help in figuring this out is much appreciated..

kmkale
  • 115
  • 10

1 Answers1

1

You can enter the combination "clientid+usercode" as the username at the login page. Then the authenticator will pass that combination as the username to the doAuthenticate() method of your custom userstore manager. There you can split the client id and usercode from the username.

SureshAtt
  • 1,891
  • 2
  • 17
  • 22
  • Hi Thanks for the answer. Yes that will work for authentication. But since we will need the clientid in almost every other method related to roles and claims etc, wondering if there is a better way of doing this? Maybe extend the authenticator? Presently I dont know which class that is and the chain of calls that lead to StoreManager's methods getting called. Any further info on this would be really great. – kmkale Feb 12 '13 at 04:42
  • Hi, You can create your own authenticator and plugin too. But even with the default authenticator you can get this done with less work because after successful authentication the authenticated users username is put into the session. So in your case the username in the session is "clientid+usercode". So at the other operations of UserManager such as getRoles, getClaims etc you get the "clienid+usercode" as the username. So inside those method you always know how to get the userid from the username. – SureshAtt Feb 12 '13 at 05:05