If there any REST API that already secured within itself the feature, then we have to remove it and use this. As ex : DCR. in DCR we expect user in request payload for now and that APIs are not secured. After apply this we can remove the user from request payload and rely on this. And same as we may have to check other REST APIs whether those are rely on any other secure mechanism.
@Isura, Can you please confirm in identity management REST API like inforecovery ? @Ayesha, Ishara already test the DCR and you can fix that removing user in payload, apply this and test. *Harsha Thirimanna* Associate Tech Lead | WSO2 Email: [email protected] Mob: +94715186770 Blog: http://harshathirimanna.blogspot.com/ Twitter: http://twitter.com/harshathirimann Linked-In: linked-in: http://www.linkedin.com/pub/harsha-thirimanna/10/ab8/122 <http://wso2.com/signature> On Thu, Oct 20, 2016 at 12:34 PM, Ishara Karunarathna <[email protected]> wrote: > Hi Ayesha, > > This feature provide a authentication layer in front of any unsecured REST > APIs. So do we need to test this with all the REST APIs ? > > -Ishara > > > On Thu, Oct 20, 2016 at 12:05 PM, Ayesha Dissanayaka <[email protected]> > wrote: > >> Hi all, >> >> I have started testing the"Generic Authentication Mechanism to all the >> REST APIs" feature [1] in IS-5.3.0. >> Please mention details on REST APIs in IS services which needs to be >> secured, so that I can test those APIs with this feature. >> >> [1] https://wso2.org/jira/browse/IDENTITY-4742 >> >> Thanks! >> -Ayesha >> >> -- >> *Ayesha Dissanayaka* >> Software Engineer, >> WSO2, Inc : http://wso2.com >> <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> >> 20, Palmgrove Avenue, Colombo 3 >> E-Mail: [email protected] <[email protected]> >> > > > > -- > Ishara Karunarathna > Associate Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: [email protected], blog: isharaaruna.blogspot.com, mobile: > +94717996791 > > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
