On Sat, Jun 1, 2013 at 11:55 PM, Mike Stoddart <[email protected]> wrote:
> I hope it's OK to ask this kind of question in this mailing list. > > I have some web services (JAX-RS and JAX-WS) that I'm writing and I want > to make them available to users (browsers) and client applications. I'm > also providing access to them using web sockets but that's a different > access mechanism until the ESB and API Manager support websockets. > > I love the idea behind the API Manager and I want to use this in front of > the web services for client applications. Clients' developers can easily > subscribe to APIs and pull my data into their systems. > > I want to provide secure access to the same web services for browsers > running our Javascript, either authenticating user accounts against Liferay > or the Identity Server. > Why cant you use user access token concept available in API manager for this? In that case each token associated with user. Thanks, Sanjeewa. > > The API Manage can proxy to the back end services but I'm struggling to > understand how to secure these same services for users using browsers. Is > this feasible/possible? Thanks > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- * * *Sanjeewa Malalgoda* WSO2 Inc. Mobile : +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
