Hi, all:
Our project want to use Tuscany as the integration middleware, and we do
some investigation on SCA topics. We still have some confusions on SCA, pls
help us to check whether we are on the right track.
Currently, we are thinking the following deployment models:
1. put all services in a single Tuscany domain;
2. make some services as front controllers (and exposes them as web
services) for client to connect;
3. non-tuscany client connects to the exposed web-services to access
business functions.
Qustions we have:
1. Can we join the client to Tuscany domain? Or shall we keep using
web-services to connect the client to the domain?
The reason for this question is that I cannot find an example in samples
directory that demonstrate a standard java client startup and join a
established domain. Did I miss something?
2. If stick to the way that non-tuscany client connect to Tuscany domain
using web-services, we are not sure whether the following solution for
authentication is correct. The scenario is that we need to do a series of
communication with the front controller. We don't want to have every ws
communication with username/password specified. After reading the spec, we
have the idea of using "conversation scope". pls help us to check whether it
is the standard way to do this kind of authentication job.
1) call login(username, password) web services which defines as
"Conversational" and has the scope of "Conversation". The result will be
stored in some private variable;
2) client calls following business services without attaching the auth
information (because the auth info is in the conversation scope);
3) client calls business services with "endConversation"(such as logout)
annotation to stop the conversation and exit.
I am not sure if that is the standard way to do authentication and cache the
result. Could you help us verify it?
Tuscany is a really good product. And I really appreciate your help in the
past few months.
Best Regards,
Yang Sun
