HI Sameera, What will happen to the topic level security? We need a way to authorize users for each topic/queue as they are created.
Thanks, Akalanka. On Wed, Feb 10, 2016 at 4:44 PM, Sameera Jayasoma <[email protected]> wrote: > The existing callback is mostly specific to HTTP requests. You can write > your own callback to extract information from your JMS/MQTT messages. > > You can write MB specific CallbackHander and/or Callback to do this job. > CallbackHandler and Callback interfaces are designed to extract information > in an application-dependent manner. > > Rest of the stuff should work. > > Thanks, > Sameera. > > On Wed, Feb 10, 2016 at 3:41 PM, Hasitha Amal De Silva <[email protected]> > wrote: > >> Hi all, >> >> Given our plans to release MB 3.5.0 based on Carbon 5, Akalanka and I >> have been looking into the JAAS based authentication framework ongoing at >> repo [1]. >> >> As per our discussion with Thanuja, Omindu and Yasiru, excluding the REST >> services security exposed to the UI console, the current carbon-security >> implementation is lacking the following requirements in terms of MB >> behavior : >> >> >> 1. >> >> The current login implementation is based on an HTTP request where >> the request is passed across the login implementation whereas MB has JMS/ >> MQTT protocol messages containing the login information. >> >> >> >> 1. >> >> MB has the requirement to grant/ validate permissions to dynamically >> created queues/topic trees that are generated. >> >> >> >> 1. >> >> MB needs to validate permissions for these created queues and topic >> across the cluster which require a centralized storage mechanism (e.g. >> RDBMS) for the permissions. >> >> >> More information on MB authorization requirements can be found at mail >> [2]. >> >> Given this situation, should we generalize the authentication mechanism >> to be pluggable with transports other than HTTP ? Or consider JMS / MQTT as >> an exception ? >> >> Thanks >> >> >> [1] : >> https://github.com/wso2/carbon-kernel/tree/hamming-release-poc/modules/carbon-security >> >> >> >> <https://github.com/wso2/carbon-kernel/tree/hamming-release-poc/modules/carbon-security> >> [2] : [Mail] "Message Broker topic level security" >> >> -- >> Cheers, >> >> Hasitha Amal De Silva >> Software Engineer >> Mobile : 0772037426 >> Blog : http://devnutshell.tumblr.com/ >> WSO2 Inc.: http://wso2.com ( lean.enterprise.middleware. ) >> > > > > -- > Sameera Jayasoma, > Software Architect, > > WSO2, Inc. (http://wso2.com) > email: [email protected] > blog: http://blog.sameera.org > twitter: https://twitter.com/sameerajayasoma > flickr: http://www.flickr.com/photos/sameera-jayasoma/collections > Mobile: 0094776364456 > > Lean . Enterprise . Middleware > > -- *Darshana Akalanka Pagoda Arachchi,* *Software Engineer* *078-4721791*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
