A custom authentication action plugin for the Curity Identity Server. You can add the action to any authenticator to send an e-mail to the user whenever the given authenticator is used in the login or SSO flow. The e-mail will contain the username, time of login, the user-agent used to log in and, optionally, the IP address from which the login was initiated.
Build the plugin by issuing the command mvn package. This will produce a JAR file in the target directory,
which can be installed.
To install the plugin, copy the compiled JAR (and all of its dependencies) into the :file:`${IDSVR_HOME}/usr/share/plugins/${pluginGroup}` on each node, including the admin node. For more information about installing plugins, refer to curity.io/plugins.
You need at least version 7.3. of the Curity Identity Server to use this plugin.
For a list of the dependencies and their versions, run mvn dependency:list. Ensure that all of these are installed in
the plugin group. Otherwise, they will not be accessible to this plug-in and run-time errors will result.
If you want to customize the e-mail sent by the plugin you can change the messages and template files provided in this repository.
The messages are deployed to :file:`${IDSVR_HOME}/var/.plugins/messages/core/en/sendemailaction/` and the template to template is deployed to :file:`${IDSVR_HOME}/var/.plugins/templates/authentication-action/sendemailaction/email`. Both the messages and the template can be edited in these locations after the plugin is deployed.
Refer to curity.io/templates for more information on overriding templates.
There are a few options you can configure for the plugin:
- Account Manager: You can provide an account manager which will be used to retrieve the user's email address. If you omit this option the plugin will assume that you use e-mails as usernames and will use the username as the recipients address.
- Email Sender: You must provide a valid e-mail sender which will be responsible for sending the e-mails.
- Always send e-mail notification: If on then the plugin will always send an e-mail notification for the given authenticator. If off then the plugin will look for a parameter sendemailaction-should-send-email, and send the e-mail only if its value is true (you can set this parameter using other actions).
- Do Not Send Ip Address in Email: When on will _not_ include the user's IP address in the notification e-mail. By default the IP address is included in the e-mail.
Please visit curity.io for more information about the Curity Identity Server.