Hi All,

We (Sagara, me) came up with a holistic view on the SaaS support from AS. As you may know, there are several ways to get some SaaS features implemented within the platform.

*Ways to enable login to SaaS applications*

1. SaaS parameter defining in web.xml with basic/form auth
   This is the simplest method to achieve the authentication. It can be done with zero Java coding, but it is limited to basic/form auth only.

2. Manually authenticating with tenants' user stores
   Here the user can implement any authentication mechanism in the application and talk to the internal user-mgt APIs.

3. Login with API Manager (/token API invocation)
   In this approach we can call the /token API in API Manager and get the OAuth token in return. If we get a valid token, the user can be considered valid and the token can be used to talk to other APIs within the application.

*SaaS Application supported Features*

- users, roles and permissions mgt
- authentication and authorization
- caching
- logging
- resource sharing
- configuration sharing

Also, we identified two modes of providing the above features within a SaaS application.

*Mode 1*
Tenant's data and configs will be kept within each tenant. E.g.: tenant logo. Here we can store each tenant's logo in each tenant's registry.

*Mode 2*
The application hosting tenant can logically define separation and keep configs within the tenant itself. E.g.: store all tenants' logos within the hosting tenant's registry.

I'm planning to properly test each of these, and to sample and document each area. Please let me know if I have missed any aspect/point. Looking forward to discussing and refining this.

thanks,
--
Supun Malinga,
Senior Software Engineer,
WSO2 Inc.
http://wso2.com
email: [email protected]
mobile: +94 (0)71 56 91 321
