Ideally it should be a handler - not a mediator... This should get executed before the message comes to the inSequence.
Thanks & regards, -Prabath On Wed, Nov 13, 2013 at 10:24 PM, Miyuru Wanninayaka <[email protected]>wrote: > Hi all, > > Currently most security stuff handled at rampart level (except OAuth and > XACML which is done via mediators). Even for http basic auth, we converts > those to WS-Sec headers and validate via rampart which is really expensive. > > If we have a HTTP basic auth mediator, we can do it even without touching > payload and can get performance almost equal to passthrough proxying. > > Even we may be able to handle WS username token without rampart. > > WDYT? > > -- > Miyuru Wanninayaka > Technical Lead > WSO2 Inc. : http://wso2.com > > Mobile : +94 77 209 9788 > Blog : http://miyurudw.blogspot.com > Flickr : http://www.flickr.com/photos/miyuru_daminda > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
