There are two aspects in server to server authentication.. 1. Server access a resource in another server on behalf of a user. 2. Server acts as a trusted sub system for the other server
For the first one OAuth is the recommended approach.. for the 2nd - Mutual Auth.. Thanks & regards, -Prabath On Wed, May 29, 2013 at 11:23 AM, Afkham Azeez <[email protected]> wrote: > > > On Wed, May 29, 2013 at 11:19 AM, Paul Fremantle <[email protected]> wrote: > >> I understand the picture. What I don't understand is the statement "it >> will be more convenient". Can you please explain why Mutual SSL is more >> convenient than OAuth? It certainly is less convenient for the ops guys who >> has to set it up! >> >> > What we have is a server to server authentication problem. Have we come up > with a platform level solution or recommendation for that? > > >> Paul >> >> >> On 28 May 2013 08:42, Ananda Manoj Kumara <[email protected]> wrote: >> >>> Hi, >>> >>> On WSO2 Operation Center use case we need to securely communication >>> between OC and Manager nodes (server to server communication) about cluster >>> information and other management information. According to the design >>> discussions it was suggested to use 'mutual authentication' during >>> communications. >>> >>> Currently Jaggery did not support server to server communication and it >>> use OAuth for communication using server credentials. But considering OC >>> use-cases we need to maintain states of manager nodes periodically with OC >>> and we feel that it will be more convenient to use mutual authentication >>> through certs than accessing admin services using current OAuth >>> implementation. >>> >>> Your ideas are welcome about this matter. >>> >>> Thanks, >>> Manoj >>> >>> >>> Best Regards.. >>> >>> >>> Manoj Kumara >>> Software Engineer >>> WSO2, Inc.; http://wso2.com >>> >>> Twitter: http://twitter.com/ManKuma >>> Mobile: +94713448188 >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Paul Fremantle >> CTO and Co-Founder, WSO2 >> OASIS WS-RX TC Co-chair, VP, Apache Synapse >> >> UK: +44 207 096 0336 >> US: +1 646 595 7614 >> >> blog: http://pzf.fremantle.org >> twitter.com/pzfreo >> [email protected] >> >> wso2.com Lean Enterprise Middleware >> >> Disclaimer: This communication may contain privileged or other >> confidential information and is intended exclusively for the addressee/s. >> If you are not the intended recipient/s, or believe that you may have >> received this communication in error, please reply to the sender indicating >> that fact and delete the copy you received and in addition, you should not >> print, copy, retransmit, disseminate, or otherwise use the information >> contained in this communication. Internet communications cannot be >> guaranteed to be timely, secure, error or virus-free. The sender does not >> accept liability for any errors or omissions. >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > *Afkham Azeez* > Director of Architecture; WSO2, Inc.; http://wso2.com > Member; Apache Software Foundation; http://www.apache.org/ > * <http://www.apache.org/>** > email: **[email protected]* <[email protected]>* cell: +94 77 3320919 > blog: **http://blog.afkham.org* <http://blog.afkham.org>* > twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> > * > linked-in: **http://lk.linkedin.com/in/afkhamazeez* > * > * > *Lean . Enterprise . Middleware* > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
