Hi Nuwan, Yes.. I was referring to the inbound traffic...
BTW do you see a real use for this outbound with Digest Auth..? I have not seen many systems using this.. Thanks & regards, -Prabath On Thu, Sep 3, 2015 at 4:58 AM, Nuwan Dias <[email protected]> wrote: > Hi Prabath, > > You're referring to supporting the OAuth Mac Token profile for inbound > security right? What we're trying to do here is invoking a secured back-end > over Digest Auth. > > In this case the API Gateway is the client. Therefore the user actually > resides on the User Store of the back-end service. And the > username/password pair is provided to the API on API Manager at the time of > defining the Endpoint of the API. > > Thanks, > NuwanD. > > On Thu, Sep 3, 2015 at 9:56 AM, Tharika Madurapperuma <[email protected]> > wrote: > >> Hi Roshan, >> >> Yes we can allow the users to have any QOP method instead of >> only 'auth'. >> >> Tharika Madurapperuma >> Software Engineering Intern >> WSO2 >> Mobile : +94777-875-624 >> >> On Wed, Sep 2, 2015 at 10:18 PM, Roshan Wijesena <[email protected]> wrote: >> >>> Hi Tharika, >>> >>> +1, Nicely explained. I have only one comment, >>> >>> On Wed, Sep 2, 2015 at 9:57 AM, Tharika Madurapperuma <[email protected]> >>> wrote: >>> >>>> The *qop*(Quality Of Protection) can be one of auth, auth-int etc. and >>>> has influence on how the hash is created. We use auth here. >>>> >>> >>> I think it is better if we can allowed users (API developers) to use >>> any *qop* method as per their wish, I meant we should not strict only >>> to '*auth*' method here. >>> >>> -Roshan. >>> >>> -- >>> Roshan Wijesena. >>> Senior Software Engineer-WSO2 Inc. >>> Mobile: *+94719154640 <%2B94719154640>* >>> Email: [email protected] >>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>> lean.enterprise.middleware. >>> >> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Nuwan Dias > > Technical Lead - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 > -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://blog.facilelogin.com http://blog.api-security.org
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
