Hi Hasitha, Here connection corresponds to the "AMQP connection". That is we do the authentication when we receive the connection.start-ok frame and use the authenticated connection in sessions created using the connection. We are not planning to authenticate each session creation.
On Mon, Dec 25, 2017 at 4:14 PM, Hasitha Hiranya <[email protected]> wrote: > Hi Waruna, > > According to the diagram, authentication happens on a new "connection". Is > my observation correct? > There will be no need to do that for sessions created by that connection > as same user will be creating them. > > Thanks > > On Wed, Dec 13, 2017 at 11:03 PM, Waruna Jayaweera <[email protected]> > wrote: > >> Hi, >> AMQP specification defined the authentication mechanism and security >> content data is based on Simple Authentication and Security Layer(SASL) >> framework. Following figure shows the proposed implementation for $subject. >> >> [image: Inline image 1] >> >> Once client request a connection, server will send the supported SASL >> mechanisms ( ex. Plain Text) to client. After that client will send the >> selected mechanism + auth response data. Server will create SASL server >> based on the client mechanism and then server will evaluate the client >> authentication data and callback handler will be executed for >> authentication. It will be done using following two extension points. >> >> 1. Authenticator - Interface to authenticate mechanism based on >> security framework .We will use Java Authentication and Authorization >> Service (JAAS) as default authentication implementation. >> 2. JAAS Modules - Uses can defined own JAAS Login module as well. >> >> If authentication is success, connection will be established or else will >> send authentication error. >> >> Thanks, >> Waruna >> >> -- >> Regards, >> >> Waruna Lakshitha Jayaweera >> Senior Software Engineer >> WSO2 Inc; http://wso2.com >> phone: +94713255198 <+94%2071%20325%205198> >> http://waruapz.blogspot.com/ >> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > *Hasitha Abeykoon* > Associate Technical Lead; WSO2, Inc.; http://wso2.com > *cell:* *+94 719363063* > *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com> > > -- Asanka Abeyweera Associate Technical Lead WSO2 Inc. Phone: +94 712228648 Blog: a5anka.github.io <https://wso2.com/signature>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
