Hi, Please find the answers inline.
On Wed, Feb 8, 2017 at 11:58 AM, Roshan Wijesena <ros...@wso2.com> wrote: > Label approach is much more cleaner for me then API publisher can decide > where that API should go. > > Question :- How publisher and gateways both sync with label names? when an > API came with an unknown label what will happen. We should have predefined > label set right? > > We do not have a predefined label sets. But we may have to use a default label for the single node deployment. When starting up a gateway node we should provide a label. Then this label will be saved in the database and will be used for publisher as well. If an API has a unknown label, then this API will not be served from any of the gateways. > On Wed, Feb 8, 2017 at 11:45 AM, Isuru Haththotuwa <isu...@wso2.com> > wrote: > >> Hi, >> >> On Wed, Feb 8, 2017 at 11:37 AM, Shani Ranasinghe <sh...@wso2.com> wrote: >> >>> Hi, >>> Can't we use the existing roles to do this? Restricted by roles? >>> >>> for e.g API A (public) has a role "public" and API B(internal) has a >>> role "internal" . We develop our API admin portal to let the gateway know >>> which roles to look for. So from our admin portal we say internal gateway >>> will allow API's with role "internal", and public gateway will allow API's >>> with role "public". Then when the request hits the gateway, it will check >>> if the requested API has invokers roles associated with the API. Would this >>> not work? >>> >> Technically can do. But AFAIU there is a security aspect of separating >> the gateway as internal and external. The internal gateway would not be >> exposed to the same network as the public/external one. Hence there might >> be use cases where we can't use a single gateway for both internal and >> external. >> >>> >>> Due to the complications we are not mapping any labels with user roles by default. But we are providing an extension point where users can write a custom implementation to map labels with any user roles. Thank you! -- *Pubudu Gunatilaka* Committer and PMC Member - Apache Stratos Software Engineer WSO2, Inc.: http://wso2.com mobile : +94774078049 <%2B94772207163>
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
