This may be different from the current context but may be important if we are thinking back to re-implement the data-bridge in a better way.
In the current data publishing, the publisher side should be authenticated with the BAM/CEP side username and password. This is asking for username and password for authorizing for publishing to the BAM/CEP tenant's specific user. But the publisher can be a 3rd party server where the user cannot trust on. So providing the password is dangerous. Instead if we can think about a token based authorization mechanism we can get rid of the requirement of entering password from the publisher side. In OAuth we can simply point the user to enter the username and password in the BAM/CEP server to authorize publisher once. Then everytime the user sends data to BAM/CEP, authorization token can be used to authorize to publish. When the user wants to avoid the publisher from sending data to BAM/CEP, the user can login to BAM/CEP and ban the authorization token provided to the publisher by BAM/CEP. In this way many independent 3rd party apps can be given the opportunity to publish data to BAM/CEP without requiring the credentials. If we can apply the same authorization mechanism for BAM analyzer script submission / scheduling API and dashboard we can extend the BAM/CEP story, BAM/CEP as a service that can be used by an external app/service. WDYT? *Maninda Edirisooriya* Software Engineer *WSO2, Inc.*lean.enterprise.middleware. *Blog* : http://maninda.blogspot.com/ *Phone* : +94 777603226 On Sat, Jan 25, 2014 at 1:10 AM, Eranda Sooriyabandara <[email protected]>wrote: > Hi Mohan, > > >> >> *Solution* >> >> If we make the streamId unique across multiple tenants then we can >> overcome this issue. That means prefixing the tenant domain with streamId. >> >> For example - If Tenant-A (tenant domain is tenantA) created a stream >> called testStream with version 1.0.0 then streamId is defined as >> *tenantA:testStream:1.0.0 >> *, If a super tenant created a stream then it defined as >> *testStream:1.0.0* without any prefix. By this approach we can make >> streamId unique across multiple tenants. >> > > Can we cross publish the events across tenants? Eg. Tenant A of publisher > able to publish events to Tenant B in CEP/BAM. If so user should be able to > specify the tenant. > > thanks > Eranda > > -- > > *Eranda Sooriyabandara*Senior Software Engineer; > Integration Technologies Team; > WSO2 Inc.; http://wso2.com > Lean . Enterprise . Middleware > > E-mail: eranda AT wso2.com > Mobile: +94 716 472 816 > Linked-In: http://www.linkedin.com/in/erandasooriyabandara > Blog: http://emsooriyabandara.blogspot.com/ > > > > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
