Hi, I'm in the process of evaluating Tuscany as a solution for aggregating various data sources. Nothing unique about that so far, however I have two data sources using 2 way ssl.
One is an atom feed and is REST based The other is SOAP based and also does identity propagation using the x509 certificate token profile. The architecture we currently have is something like the following: 1) the user connects to a web server with a user cert using 2 way ssl. The web server then distributes the requests to various data providers. 2a) When calling a SOAP service the user's cert is pulled out of the request and put into the SOAP header (x509 certificate token profile), then connects to the web service server using two way ssl again 2b) When calling the Atom feed, only two way ssl is used. What is the best way to handle the 2 way ssl? Is there any way to configure this within Tuscany? If not can I write a custom module to handle this? I have a delegate service that does this already but I was hoping for a more integrated approach. Also in regards to the Atom feed: Can I somehow create a feed that appends a dynamic query parameter to the url? I've dug around the code a bit and see some possible hooks for what we need to do but would really like to get your thoughts on this. Thanks! Ralph
