Hi Abimaran,

On Tue, Oct 11, 2016 at 12:32 PM, Abimaran Kugathasan <abima...@wso2.com>
wrote:

>
>
> On Mon, Oct 10, 2016 at 6:18 PM, Nuwan Dias <nuw...@wso2.com> wrote:
>
>> Hi,
>>
>> With the current efforts on moving to C5 based architecture, API Manager
>> plans to rely on standalone IS (without installing features) so that it can
>> operate as the Key Manager for the API Gateway. In order to achieve this,
>> there are a few feature gaps in IS we have identified earlier that need to
>> be filled in. Please see the list below.
>>
>> 1. A Dynamic Client Registration Endpoint
>>
>> When users create Applications and Keys on the API Store, we need to call
>> an Endpoint on IS to register the Application. Once an Application is
>> registered, API Manager also requires an endpoint to retrieve the
>> Application's information by querying using the Application name.
>>
>> 2. A Resource Registration Endpoint
>>
>> When defining scopes and associating Resources to scopes, it is required
>> to register these scopes on IS. Scopes should also have a role (or similar)
>> binding so that we can perform RBAC (at a minimal) for scopes. It is ideal
>> to make this an extensible framework so that others could associate thing
>> like permissions to scope as well.
>>
>> 3. A Resource Validation Endpoint against scopes
>>
>> When the Gateway grants access on a particular token to a resource, it
>> needs to check if the given token bears the necessary scope to access that
>> resource.
>>
>
>
> Does Gateway has to call IS for token validation for each API call? Won't
> that degrade performance?
>

Isn't this the same thing we already have solved using gateway cache? I
don't think that's going to be any different with new approach.

Thanks,
Bhathiya


>
>
>>
>> At the moment we have identified the above 3 as mandatory features to be
>> supported by IS if the said integration is to be feasible. We would be
>> grateful if these could be taken into consideration when IS is being built
>> on C5.
>>
>> Thanks,
>> NuwanD.
>>
>> --
>> Nuwan Dias
>>
>> Software Architect - WSO2, Inc. http://wso2.com
>> email : nuw...@wso2.com
>> Phone : +94 777 775 729
>>
>> _______________________________________________
>> Architecture mailing list
>> Architecture@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820
>
> <http://stackoverflow.com/users/515034>
> <http://lk.linkedin.com/in/abimaran>
> <http://www.lkabimaran.blogspot.com/>  <https://github.com/abimarank>
> <https://twitter.com/abimaran>
>
>
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 
*Bhathiya Jayasekara*
*Senior Software Engineer,*
*WSO2 inc., http://wso2.com <http://wso2.com>*

*Phone: +94715478185*
*LinkedIn: http://www.linkedin.com/in/bhathiyaj
<http://www.linkedin.com/in/bhathiyaj>*
*Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>*
*Blog: http://movingaheadblog.blogspot.com
<http://movingaheadblog.blogspot.com/>*
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to