Hi all, Now we exposed the all types of registries (will be Repository in future) to the outside registry kernel (Carbon kernel) via RegistryService. Here are the types of registries we have. systemRegistry configSystemRegistry governanceSystemRegistry userRegistry configUserRegistry governanceUserRegistry
But if we take a close look we should be only exposing configUserRegistry, governanceUserRegistry which actually should be use in the platform level components. Other than that if we need to save something to local registry or as systemRegistry we should specifically give methods for them. For example if we want to retrieve last indexed time of a server we need to have a separate method. There are several advantages over this modification. 1. No one allowed to modify local registry + we may not need to show that in the resource browser. 2. There can be security issues when we expose system registries over an API 3. We have used systemRegistries all over our components for some operations which is incorrect because its overriding the authorization model + people won't find the correct logs. 4. People can use the system registry in their custom handlers which we should not allowed WDYT? thanks Eranda -- *Eranda Sooriyabandara*Senior Software Engineer; Integration Technologies Team; WSO2 Inc.; http://wso2.com Lean . Enterprise . Middleware E-mail: eranda AT wso2.com Mobile: +94 716 472 816 Linked-In: http://www.linkedin.com/in/erandasooriyabandara Blog: http://emsooriyabandara.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
