Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-15759

Provision Dynamic Account node should give more control over username

    XMLWordPrintable

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 7.0.0
    • None
    • trees
    • Rank:
      1|hzzlmn:
    • 0
    • No
    • None

    Description

      The Provision Dynamic Account node currently uses the AccountProvider interface to provision accounts when necessary, however this provisioning only receives the userinfo attributes, which may not provide sufficient contextual information for determining the actual username.
      The default account provider implementation also hardcodes getting the uid attribute out of the attribute map, when not every data store implementations are required to work with uid attribute either.
      Potentially the node could try to get the USERNAME property out of the sharedState and use that as the username, or we could introduce a new setting for the node that would contain the JSON pointer to the sharedState field that should be used as the username.
      The problem is that the AccountProvider interface is a supported API, so any changes made should be somehow backwards compatible or well documented at least.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              peter.major Peter Major [X] (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: