Hi Asela, >From APIM v3, we are going to use standard IS. That mean, thrift will not support from v3 onward. Since we have WSClient option is supported in the current APIM and recommended in load balance scenario, IMO fixing this will not get huge advantages. If we want to fix, #2 will be the easy option.
WDYT? thanks On Fri, Sep 1, 2017 at 12:55 PM, Asela Pathberiya <[email protected]> wrote: > Hi APIM team, > > According to the docs; We are not recommending the thrift protocol to > communicate with GW and KM when even TCP load balancer is used. > > The problem is that; thrift connection must be authenticated & thrift > session is not replicated among key manager nodes. > > IMO; we have three solution for this. > > 1. Replicate thrift session in KM nodes > > 2. Client side load balancing > > 3. Sending authentication credentials from GW to KM in every request. > This has been implemented in WSO2IS for XACML PDP. You can find the > details [1] & sample thrift client [2] > > We can easily implement approach 3, Shall we consider this for next APIM > release ? > > [1] http://xacmlinfo.org/2014/04/11/thrift-load-balancing/ > [2] https://svn.wso2.org/repos/wso2/people/asela/xacml/pep/thrift-LB > > Thanks, > Asela. > > > -- > Thanks & Regards, > Asela > > ATL > Mobile : +94 777 625 933 <+94%2077%20762%205933> > +358 449 228 979 > > http://soasecurity.org/ > http://xacmlinfo.org/ > -- Lakmal Warusawithana Senior Director - Cloud Architecture; WSO2 Inc. Mobile : +94714289692 Blogs : https://medium.com/@lakwarus/ http://lakmalsview.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
