... {anchor:top} |
{toc} |
| ---- |
| |
| h1. Setting forgotten Password Data |
| h1. Consumer Tier |
| |
h2. Setting forgotten Password Data
|
The OpenPTK Framework and UserManagementLite sample application have been enhanced to support the setting of the "forgotten password" questions. This new features leverages the existing *Forgotten Password* process where users answer their questions as a means of authentication. Prior to this release, the setting of the Questions/Answers had to be done within the End-User Service/Repository.
|
... With this release, the following capabilities are available:
# Users can initially set their answers for their questions.
# Users can review and change existing answers to questions.
# If the End-User Service/Repository does not have questions, default one are provided. |
# The default questions are set in the {{openptk.xml}} file.
|
|
h23.
Java API Sample |
A new test program {{apiSetForgot.java}} was created to test the setting of the questions.
|
|
h23.
User Management Lite (UML) |
The UML sample application has been updated to support the setting of a users forgotten password questions. A new menu item called "Questions" will display a screen with the default or existing questions / answers. |
...
!forgotQandA.png|align=centre!
[Top|#top]
|
----
|
| h1. Missing Attributes |
| h1. Framework Tier |
| |
h2. Missing Attributes
|
The OpenPTK Framework has been enhanced, specifically the {{Context}} class, to address an issue of requested attributes not being returned.
|
... *Issue*
When a {{READ}} or {{SEARCH}} is made, the *Input* contains a collection of *Attributes* that the Application wants returned in the *Output*. The collection of *Attributes* is passed to the Service, through the Framework, where it is processed. The Service sends back the results to the Framework. End-User Repositories handle the absence of Attributes differently. Some will return an Attribute that has no value, while others will not include the *Attribute* in the results. This is not consistent and needs to function the same way for all Services ... The Framework and/or Application (Consumer Tier) may be expecting that *Attribute* to be returned even if it has no value.
*Solution*
The {{Subject}} was enhanced to support post-processing of the *Response*. When the operation is {{READ}} or {{SEARCH}} the post-processing looks at the original {{Input}} and gets the list of *Attributes*. It then goes through each *Result* in the *Response* and looks for all of the *Attributes* in the list. If an *Attribute* is missing, a new *Attribute* is create with only a {{name}}, it does not contain a {{value}}. This *Attribute* is then added to the *Result*. The Application will now get back every *Attribute* it asked for, even if the operation (READ and SEARCH) did not return it.
[Top|#top] |
----
|
| h1. SPML Service Enhancement |
| h1. Service Tier |
| |
h2. SPML Service Enhancement
|
The {{SpmlService}} base-class has been updated to capture more debug data when an execption is caught.
|
... *Issue*
When an exception is caught from within any of the Service's Operations, the information returned in the exception does not contain the request / response data. Having this data would help debug configuration problems.
*Solution*
The SpmlService class has been updated to include the {{SpmlRequest}} and {{SpmlResponse}} XML data in the exception that is thrown. The XML data will only be included when the debug level is set to "4"
[Top|#top] |
----
|
|
h12.
Implement Password Change / Reset for Services |
*Issue* |
...
A number of the provided Service did not implement the *Password Change* and/or *Password Reset* operations. Members of the community have asked for these operations.
*Solution*
The following *Services* have been enhanced to support the *Password Change* and *Password Reset* operations.
* Sun Identity Manager Service Provider Edition (SPE)
* JNDI
* JDBC
[Top|#top]
----
|