Skip to main content
Version: 2.82.x.x LTS

Configuration of the IdmSecurityQuestionManagementState

TopicDescription
Classch.nevis.idm.authstate.IdmSecurityQuestionManagementState
LoggingIdmAuth
Auditingnone
Marker
PropertiescreateCredential (boolean, optional, default: true)
If enabled and the user has no security question credential yet, a new security question credential will be created.
Methodsprocess (all events)
Inputsq (string: "${inargs:sq}")
The selected security question for which the user wants to administrate an answer.
answer (String: "${inargs:answer}")
Answer to be administrated.
Transitionsok: If the user's security question credential already contained the minimum number of active answers or the required number of answers has been supplied now.
showGui: If the user's security question credential does not contain the minimum number of active answers, the user selects and answers questions in the dialog shown.
noCredential: The user does not have a security question credential and the createCredential flag is false or the user's security question credential is not active.
locked: The user's security question credential is locked.
failed: Failed to supply enough answers.
clientNotFound: User uses an unsupported client ID or the "default" client ID (see input above) is not available.
OutputIf the user's security question credential does not contain the minimum number of active answers, a GUI dialog will be generated, where the user can select and answer security questions.
Errors1: Failed to supply enough answers
1: Not enough available personal questions
8: Account was already locked
11: Missing or inactive security question credential.
Notesnone

Example

<AuthState name="ManageSecurityQuestions"
class="ch.nevis.idm.authstate.IdmSecurityQuestionManagementState"
final="false" >
<ResultCond name="failed" next="ManageSecurityQuestions"/>
<ResultCond name="showGui" next="ManageSecurityQuestions"/>
<ResultCond name="ok" next="IdmPostProcessing"/>
<ResultCond name="noCredential" next="SQNoCredential"/>
<ResultCond name="locked" next="SQLocked"/>
<Response value="AUTH_CONTINUE">
<Gui name="AuthUidPwDialog" label="Security Question">
<GuiElem name="lasterror" type="error"
label="${notes:lasterrorinfo}" value="${notes:lasterror}" />
<GuiElem name="submit" type="submit" label="Login" />
</Gui>
</Response>
<propertyRef name="IdmCertificateWhiteList"/>
<property name="createCredential" value="true" />
</AuthState>