On Wed, Sep 4, 2013 at 4:34 PM, Sebastien Blanc <scm.blanc@gmail.com> wrote:
Hi,
Start point is this jira https://issues.jboss.org/browse/AGPUSH-282 for allowing the creation of additional users/developers.
In the current situation we have just one role : "developer" , so the first question is :

- Should a user with the role "developer" be able to create another user ?

not sure an ordinary should be able to create other users
 
- Should we introduce a "admin" role that can manage users (create, reset password, delete) ? 

+1 on that
 
- A mix of permissions ? (a developer can create other users but not remove them nor reset (except its own) password ) 

not sure on mixing. Do you have something concrete in mind? 

I think it would be good if a 'developer' could be promoted to be come an 'admin' (to give an example);

 

From there the second question regarding password management : 
In the current situation, our default user (called "admin" , yeah a bit confusing :) ) has a temporary password that must be changed the first time he logs in.

 - Do we want to keep this ?
 - Shall we move to a script that creates a user(s) ?

yeah, we have also a bug for removing what we currently have and replacing it with something more powerful:
https://issues.jboss.org/browse/AGPUSH-223

 

- When we add a user through the admin UI, should we provide a password or should it be generated and changed on first login ?

I like the idea from Bruno of sending an email, containing an URL for changing the password;
 

In other words, I think we must concretely spec out the user management for the UPS and we could use this thread to discuss that !

That would be great!
 


_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev



--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf