Hi Venura, Yes you are correct. I've had a misunderstanding. Thanks.
Regards Dulanja. On Thu, Oct 10, 2013 at 12:36 PM, Venura Kahawala <[email protected]> wrote: > Hi Dulanja, > > AFAIK if we use TLS, message will be encrypted and only the server will be > able to decrypt the message since TLS key is shared between only the client > (browser) and server. This is because at the time of symmetric key > exchange, client encrypt the key with the server's public key and send that > to the server . Anyway we are not going to use request redirection but a > POST request. > > > Regards, > Venura > > > On Thu, Oct 10, 2013 at 11:56 AM, Dulanja Liyanage <[email protected]>wrote: > >> Ah, but i guess the jaggery app and the Authentication Framework would be >> in the same machine, then this won't be a prob if we use LAN address for >> the POST >> >> >> On Thu, Oct 10, 2013 at 11:51 AM, Dulanja Liyanage <[email protected]>wrote: >> >>> The problem of sending a POST outside of the internal network is anyone >>> can grab the credentials during wire transfer (if not secured with HTTPS) >>> or at transits (even if secured with HTTPS). Then we need to consider about >>> encryption. >>> >>> >>> On Wed, Oct 9, 2013 at 10:09 PM, Johann Nallathamby <[email protected]>wrote: >>> >>>> Hi Venura, >>>> >>>> This should be done using the application authentication framework we >>>> have. As we will be migrating our carbon authenticators also to this it is >>>> best to use this framework. >>>> >>>> All you need to do is get the username and password of the user (if you >>>> are using Basic Authentication) and do a POST to the commonauth servlet. >>>> This way the authentication mechanism is independent from your webapp. Only >>>> thing is currently we don't have an authenticator that calls the IS >>>> webservice APIs for authentication. This could be easily done by writing a >>>> new authenticator. Curently we have a Basic Auth authenticator which >>>> authenticates with the underlying user store and a SAML SSO authenticator >>>> for doing Single-Sign-On. >>>> >>>> >>>> On Wed, Oct 9, 2013 at 7:32 PM, Venura Kahawala <[email protected]>wrote: >>>> >>>>> Hi, >>>>> >>>>> I'm now implementing the log in functionality for the My-Identity app. >>>>> As per my understanding current user management functionality implemented >>>>> within jaggery uses OSGI services. This is correct if the mentioned >>>>> application is only deployed within the IS server and therefore >>>>> my-identity >>>>> app is connected to the same user store as the IS. But if we deploy the >>>>> application within an AS, the scenario might be different. >>>>> >>>>> This is also acceptable if the AS and IS both connects to the same >>>>> user store. But in some scenarios these two server might not be connected >>>>> to the same user store. >>>>> For example, IS and user store is located within the internal network >>>>> while AS is located outside the internal network and AS is not connected >>>>> to >>>>> the internal user store. But still we need to deploy the my-identity app >>>>> within the AS since this application is exposed to the end users. >>>>> >>>>> If we need our application to cater above requirement we need to >>>>> implement the log in functionality using web services. >>>>> >>>>> Please correct me if I'm wrong. >>>>> >>>>> Regards, >>>>> Venura >>>>> >>>>> >>>>> >>>>> On Tue, Sep 24, 2013 at 11:39 AM, Venura Kahawala <[email protected]>wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> We are in the process of moving the below UI features out from the IS >>>>>> management console. >>>>>> >>>>>> 1. My Profiles >>>>>> 2. Account Recovery >>>>>> 3. My Authorized apps >>>>>> 4. OpenID >>>>>> 5. My SCIM Providers >>>>>> 6. Multifactor Authentication >>>>>> 7. Sign-up >>>>>> >>>>>> >>>>>> A jaggery application will be implemented with the above mentioned >>>>>> features and deployed within IS server. This application can be accessed >>>>>> via a different port. High level architecture diagram can be seen here >>>>>> [1]. >>>>>> >>>>>> Jaggery application will be implemented ad-hearing to the caramel >>>>>> framework. >>>>>> >>>>>> [1] >>>>>> https://docs.google.com/a/wso2.com/drawings/d/1jQsKbSVnH3cHCKkNjaLqr9cBARk0pD04RLPGgid4R7M/edit?usp=sharing >>>>>> >>>>>> Please share your thoughts. >>>>>> >>>>>> Regards, >>>>>> Venura >>>>>> >>>>>> -- >>>>>> Senior Software Engineer >>>>>> >>>>>> Mobile: +94 71 82 300 20 >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Senior Software Engineer >>>>> >>>>> Mobile: +94 71 82 300 20 >>>>> >>>>> >>>> >>>> >>>> -- >>>> Thanks & Regards, >>>> >>>> *Johann Dilantha Nallathamby* >>>> Senior Software Engineer >>>> Integration Technologies Team >>>> WSO2, Inc. >>>> lean.enterprise.middleware >>>> >>>> Mobile - *+94777776950* >>>> Blog - *http://nallaa.wordpress.com* >>>> >>> >>> >>> >>> -- >>> Dulanja Liyanage >>> Senior Software Engineer - WSO2 Inc. >>> M: +94776764717 >>> >> >> >> >> -- >> Dulanja Liyanage >> Senior Software Engineer - WSO2 Inc. >> M: +94776764717 >> > > > > -- > Senior Software Engineer > > Mobile: +94 71 82 300 20 > > -- Dulanja Liyanage Senior Software Engineer - WSO2 Inc. M: +94776764717
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
