On Tue, Oct 11, 2016 at 12:59 PM, Bhathiya Jayasekara <bhath...@wso2.com>
wrote:

> Hi Abimaran,
>
> On Tue, Oct 11, 2016 at 12:32 PM, Abimaran Kugathasan <abima...@wso2.com>
> wrote:
>
>>
>>
>> On Mon, Oct 10, 2016 at 6:18 PM, Nuwan Dias <nuw...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> With the current efforts on moving to C5 based architecture, API Manager
>>> plans to rely on standalone IS (without installing features) so that it can
>>> operate as the Key Manager for the API Gateway. In order to achieve this,
>>> there are a few feature gaps in IS we have identified earlier that need to
>>> be filled in. Please see the list below.
>>>
>>> 1. A Dynamic Client Registration Endpoint
>>>
>>> When users create Applications and Keys on the API Store, we need to
>>> call an Endpoint on IS to register the Application. Once an Application is
>>> registered, API Manager also requires an endpoint to retrieve the
>>> Application's information by querying using the Application name.
>>>
>>> 2. A Resource Registration Endpoint
>>>
>>> When defining scopes and associating Resources to scopes, it is required
>>> to register these scopes on IS. Scopes should also have a role (or similar)
>>> binding so that we can perform RBAC (at a minimal) for scopes. It is ideal
>>> to make this an extensible framework so that others could associate thing
>>> like permissions to scope as well.
>>>
>>> 3. A Resource Validation Endpoint against scopes
>>>
>>> When the Gateway grants access on a particular token to a resource, it
>>> needs to check if the given token bears the necessary scope to access that
>>> resource.
>>>
>>
>>
>> Does Gateway has to call IS for token validation for each API call? Won't
>> that degrade performance?
>>
>
> Isn't this the same thing we already have solved using gateway cache? I
> don't think that's going to be any different with new approach.
>

Currently Gateway and Key Manager (Key Manager profile of API Manager )
uses Thrift protocol for communication, but, Identity Server don't support
Thrift protocol, so, we have to use REST/SOAP for all the communications.
Thrift is comparatively faster the any HTTP based protocols.


>
> Thanks,
> Bhathiya
>
>
>>
>>
>>>
>>> At the moment we have identified the above 3 as mandatory features to be
>>> supported by IS if the said integration is to be feasible. We would be
>>> grateful if these could be taken into consideration when IS is being built
>>> on C5.
>>>
>>> Thanks,
>>> NuwanD.
>>>
>>> --
>>> Nuwan Dias
>>>
>>> Software Architect - WSO2, Inc. http://wso2.com
>>> email : nuw...@wso2.com
>>> Phone : +94 777 775 729
>>>
>>> _______________________________________________
>>> Architecture mailing list
>>> Architecture@wso2.org
>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>
>>>
>>
>>
>> --
>> Thanks
>> Abimaran Kugathasan
>> Senior Software Engineer - API Technologies
>>
>> Email : abima...@wso2.com
>> Mobile : +94 773922820
>>
>> <http://stackoverflow.com/users/515034>
>> <http://lk.linkedin.com/in/abimaran>
>> <http://www.lkabimaran.blogspot.com/>  <https://github.com/abimarank>
>> <https://twitter.com/abimaran>
>>
>>
>> _______________________________________________
>> Architecture mailing list
>> Architecture@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> *Bhathiya Jayasekara*
> *Senior Software Engineer,*
> *WSO2 inc., http://wso2.com <http://wso2.com>*
>
> *Phone: +94715478185 <%2B94715478185>*
> *LinkedIn: http://www.linkedin.com/in/bhathiyaj
> <http://www.linkedin.com/in/bhathiyaj>*
> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>*
> *Blog: http://movingaheadblog.blogspot.com
> <http://movingaheadblog.blogspot.com/>*
>
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 
Thanks
Abimaran Kugathasan
Senior Software Engineer - API Technologies

Email : abima...@wso2.com
Mobile : +94 773922820

<http://stackoverflow.com/users/515034>
<http://lk.linkedin.com/in/abimaran>  <http://www.lkabimaran.blogspot.com/>
<https://github.com/abimarank>  <https://twitter.com/abimaran>
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to