I hope it's OK to ask this kind of question in this mailing list. I have some web services (JAX-RS and JAX-WS) that I'm writing and I want to make them available to users (browsers) and client applications. I'm also providing access to them using web sockets but that's a different access mechanism until the ESB and API Manager support websockets.
I love the idea behind the API Manager and I want to use this in front of the web services for client applications. Clients' developers can easily subscribe to APIs and pull my data into their systems. I want to provide secure access to the same web services for browsers running our Javascript, either authenticating user accounts against Liferay or the Identity Server. The API Manage can proxy to the back end services but I'm struggling to understand how to secure these same services for users using browsers. Is this feasible/possible? Thanks _______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
