Hi Prabath, One down side of the handler is that user has to leave his ESB experience to secure the messages. (We so far we got away with that ). If we can let users configure security within ESB language itself, it will be an added plus. (This is like we have to go to Axis2 level to configure transports now).
--Srinath On Thu, Nov 14, 2013 at 1:23 AM, Prabath Siriwardena <[email protected]>wrote: > Ideally it should be a handler - not a mediator... This should get > executed before the message comes to the inSequence. > > Thanks & regards, > -Prabath > > > On Wed, Nov 13, 2013 at 10:24 PM, Miyuru Wanninayaka <[email protected]>wrote: > >> Hi all, >> >> Currently most security stuff handled at rampart level (except OAuth and >> XACML which is done via mediators). Even for http basic auth, we converts >> those to WS-Sec headers and validate via rampart which is really expensive. >> >> If we have a HTTP basic auth mediator, we can do it even without touching >> payload and can get performance almost equal to passthrough proxying. >> >> Even we may be able to handle WS username token without rampart. >> >> WDYT? >> >> -- >> Miyuru Wanninayaka >> Technical Lead >> WSO2 Inc. : http://wso2.com >> >> Mobile : +94 77 209 9788 >> Blog : http://miyurudw.blogspot.com >> Flickr : http://www.flickr.com/photos/miyuru_daminda >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Thanks & Regards, > Prabath > > Mobile : +94 71 809 6732 > > http://blog.facilelogin.com > http://RampartFAQ.com > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- ============================ Srinath Perera, Ph.D. http://people.apache.org/~hemapani/ http://srinathsview.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
