Since the User Management PR has been submitted [1] there has been of a lot of useful and interesting feedback, thanks Matzew and Abstractj for that.

Some valid concerns has been raised, in particular 2 of them that I would like to expose here and to discuss to see how we can deal witth them for the 0.10.0 release : 

1. 

Currently the password register/reset link that is generated is persisted. This is a point of concern[2]. The fact is that with the current flow, we can not go against that:

- An admin create an user, a link is generated.

- The admin send this link to the new user.

- The user browse to link -> at this moment we need to be able to retrieve the stored link to check for its validity.

Some points :

- The token/register link is presisted without any relation with the newly created user, so an hacker could not make a connection between the 2.

- The new created user, as long he has not registered  through the link, can not log into the system as he has no password, as Bruno suggested me to do on the ML.

How shall we deal with that for 0.10.0 ? We can improve in 0.11.0 and also keeping in mind that keycloak could come into the party quite soon.

2. 

Currently, to generate the register link, we use a private key. This key is located in the project[3]. This should not be in the github project as pointed by Bruno [4] which make totally sense. I will remove the private key  from the repo and add instructions to tell how and where to put your private key.

But I don't know how to deal for the UPS cartdridge, since we ship a war, the private key will be missing. Any ideas input on that is welcome. 

For 0.10.0, we could just ship a war containing a private key and add a warning and maybe add instruction on how to clone the app locally, change the key and push again (which is not really user friendly when you expect to have a cartdridge that "just work").

Notice that there is ticket to be able to manage your private key from the Admin console[5]

Again, in the future, keycloak could be used also to manage the keys.

Besides that, the current PR, in terms of functionnalities works : you can create and manage users like specified in the specs.

So for the (very soon) 0.10.0 release how shall we deal with these concerns ?

Sebi

 

[1] https://github.com/aerogear/aerogear-unifiedpush-server/pull/118

[2] https://github.com/aerogear/aerogear-unifiedpush-server/pull/118#discussion_r8996725

[3] https://github.com/aerogear/aerogear-unifiedpush-server/blob/register_link/src/main/resources/META-INF/config.properties

[4] https://github.com/aerogear/aerogear-unifiedpush-server/pull/118#discussion_r8996712

[5] https://issues.jboss.org/browse/AGPUSH-518