Hi all, So far based on all the discussions above I see below facts.
1) APIM log viewer app is using portal as 'Gadget Store', and wants to embed the gadgets which are residing in the portal app. 2) Without any additional authentication process, the user should be able to embed the gadget to APIM log viewer app. 3) APIM admin app is using the js, libs, etc from the portal app into their app, by just importing the files. Also currently you have shiding feature in the server. Based on above facts, IMO DS is not correctly exploited here. Basically portal is NOT a gadget store, and we have the in built gadget store to cater the main functionality of the DS which is creating dashboards and managing them. Hence if APIM just want to use gadget a place to store gadget and render it, then it's not a best place to do so. As you already have shiding feature in your pack, I would suggest that you just add your gadgets somewhere in APIM log viewer app it self, and render it. That will not require and authentication nor perf issues. Additionally you can only include the js files you required into the APIM log viewer app it self, and remove the portal app entirely from APIM pack. Because importing the js files from another application, is a wrong practice, and we can only make sure we don't change the external APIs not the internal js files, etc, and that will heavily break APIM log viewer, which will be a maintenance night mare. As embedded gadget functionality for DS, we need to embed the gadget including the settings which have been done to the DS as it's shown in the DS server (such as permissions to page, gadgets, views, themes at DS, and gadget settings). Also as we are working on several level of authorization for gadgets, pages, and views, logged in user information is mandatory and user should be specifically say which actually he/she want to embed into their app as the same gadget may have different settings in each pages/views. Therefore we need the logged in user information, and for that as I have already mentioned we support basic auth and SSO, which will cover the third party use cases . Other than that we will include an loading icon than showing the SSO redirection for this which will provide better user experience. But anyhow, this is for the sake of DS embeddable gadget feature, and not for APIM log viewer usecase which is simply embedding a gadget into their app. IMO the APIM log viewer usecase, it's far more easier to just maintain the gadgets in their app itself as mentioned above without actually using the portal app, because anyhow none of the DS main functionalities not used in the intended way. Thanks, Sinthuja. On Tue, Jun 14, 2016 at 8:29 PM, Manuranga Perera <[email protected]> wrote: > There are a few ways to get rid of iframe: > 1) Ignore security and come up with a way to just embed as divs. But this > may break the parent > 2) Use Google Caja. We have to feather look into this. It seems they have > some compatibility with Shindig as well. > 3) Use WebComponents. This approach needs significant research and coming > up with new ways to leverage latest browser specs. > -- > With regards, > *Manu*ranga Perera. > > phone : 071 7 70 20 50 > mail : [email protected] > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Sinthuja Rajendran* Technical Lead WSO2, Inc.:http://wso2.com Blog: http://sinthu-rajan.blogspot.com/ Mobile: +94774273955
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
