Hi All, Here is a brief update on implementation of blocking deactivated tenant requests.
*Problem:* Even if we deactivated tenant, still they can access services(APIs, proxy etc) deployed in server. This will effect to multitenanted products. *Suggested solution:* Implement dispatcher and engage it in transport phase. So this dispatcher will check tenants state for each call. Then allow to pass requests coming from active tenants. If request come to service deployed in deactivated tenants space then server will return 403 error with message saying "You are trying to invoke deactivated tenant service" For this i implemented dispatcher in org.wso2.carbon.tenant.dispatcher component(stratos component). It will bundled with stratos common feature. So this dispatcher will be there in most of products as stratos common is a basic feature (available in all products). Here we will be maintaining map to keep tenant id and active/deactivated status(otherwise there would be performance drawback). This map will be cleared in 15 minutes time interval. Also we need to engage this dispatcher by adding configuration to transport phase configurations of axis2.xml file. And we can add this configuration to axis2.xml and keep it commented as we do not need to engage it for default scenario. Any suggestions? Thanks, sanjeewa. -- *Sanjeewa Malalgoda* WSO2 Inc. Mobile : +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/ <http://sanjeewamalalgoda.blogspot.com/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
