Hi, all: Our project want to use Tuscany as the integration middleware, and we do some investigation on SCA topics. We still have some confusions on SCA, pls help us to check whether we are on the right track.
Currently, we are thinking the following deployment models: 1. put all services in a single Tuscany domain; 2. make some services as front controllers (and exposes them as web services) for client to connect; 3. non-tuscany client connects to the exposed web-services to access business functions. Qustions we have: 1. Can we join the client to Tuscany domain? Or shall we keep using web-services to connect the client to the domain? The reason for this question is that I cannot find an example in samples directory that demonstrate a standard java client startup and join a established domain. Did I miss something? 2. If stick to the way that non-tuscany client connect to Tuscany domain using web-services, we are not sure whether the following solution for authentication is correct. The scenario is that we need to do a series of communication with the front controller. We don't want to have every ws communication with username/password specified. After reading the spec, we have the idea of using "conversation scope". pls help us to check whether it is the standard way to do this kind of authentication job. 1) call login(username, password) web services which defines as "Conversational" and has the scope of "Conversation". The result will be stored in some private variable; 2) client calls following business services without attaching the auth information (because the auth info is in the conversation scope); 3) client calls business services with "endConversation"(such as logout) annotation to stop the conversation and exit. I am not sure if that is the standard way to do authentication and cache the result. Could you help us verify it? Tuscany is a really good product. And I really appreciate your help in the past few months. Best Regards, Yang Sun