On Wed, May 29, 2013 at 11:19 AM, Paul Fremantle <[email protected]> wrote:
> I understand the picture. What I don't understand is the statement "it > will be more convenient". Can you please explain why Mutual SSL is more > convenient than OAuth? It certainly is less convenient for the ops guys who > has to set it up! > If we use OAuth we need to have an access token. How to generate this access token and where to store that? If we compare this with mutual SSL there is a standard way to generate the certificates .Company may already have a certificate and we can use jks to store them. The problem with the Mutual SSL is once we enable Mutual SSL for a port we can not communicate with that port through a browser. So we may need to use two ports one for browser and other for mutual SSL. thanks, Amila. > > Paul > > > On 28 May 2013 08:42, Ananda Manoj Kumara <[email protected]> wrote: > >> Hi, >> >> On WSO2 Operation Center use case we need to securely communication >> between OC and Manager nodes (server to server communication) about cluster >> information and other management information. According to the design >> discussions it was suggested to use 'mutual authentication' during >> communications. >> >> Currently Jaggery did not support server to server communication and it >> use OAuth for communication using server credentials. But considering OC >> use-cases we need to maintain states of manager nodes periodically with OC >> and we feel that it will be more convenient to use mutual authentication >> through certs than accessing admin services using current OAuth >> implementation. >> >> Your ideas are welcome about this matter. >> >> Thanks, >> Manoj >> >> >> Best Regards.. >> >> >> Manoj Kumara >> Software Engineer >> WSO2, Inc.; http://wso2.com >> >> Twitter: http://twitter.com/ManKuma >> Mobile: +94713448188 >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Paul Fremantle > CTO and Co-Founder, WSO2 > OASIS WS-RX TC Co-chair, VP, Apache Synapse > > UK: +44 207 096 0336 > US: +1 646 595 7614 > > blog: http://pzf.fremantle.org > twitter.com/pzfreo > [email protected] > > wso2.com Lean Enterprise Middleware > > Disclaimer: This communication may contain privileged or other > confidential information and is intended exclusively for the addressee/s. > If you are not the intended recipient/s, or believe that you may have > received this communication in error, please reply to the sender indicating > that fact and delete the copy you received and in addition, you should not > print, copy, retransmit, disseminate, or otherwise use the information > contained in this communication. Internet communications cannot be > guaranteed to be timely, secure, error or virus-free. The sender does not > accept liability for any errors or omissions. > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Amila Suriarachchi* Software Architect WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 71 3082805
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
