Hi Asanka, Perfect. That is what I wanted to clarify.
Thanks On Mon, Dec 25, 2017 at 5:31 PM, Asanka Abeyweera <[email protected]> wrote: > Hi Hasitha, > > Here connection corresponds to the "AMQP connection". That is we do the > authentication when we receive the connection.start-ok frame and use the > authenticated connection in sessions created using the connection. We are > not planning to authenticate each session creation. > > On Mon, Dec 25, 2017 at 4:14 PM, Hasitha Hiranya <[email protected]> > wrote: > >> Hi Waruna, >> >> According to the diagram, authentication happens on a new "connection". >> Is my observation correct? >> There will be no need to do that for sessions created by that connection >> as same user will be creating them. >> >> Thanks >> >> On Wed, Dec 13, 2017 at 11:03 PM, Waruna Jayaweera <[email protected]> >> wrote: >> >>> Hi, >>> AMQP specification defined the authentication mechanism and security >>> content data is based on Simple Authentication and Security Layer(SASL) >>> framework. Following figure shows the proposed implementation for $subject. >>> >>> [image: Inline image 1] >>> >>> Once client request a connection, server will send the supported SASL >>> mechanisms ( ex. Plain Text) to client. After that client will send the >>> selected mechanism + auth response data. Server will create SASL server >>> based on the client mechanism and then server will evaluate the client >>> authentication data and callback handler will be executed for >>> authentication. It will be done using following two extension points. >>> >>> 1. Authenticator - Interface to authenticate mechanism based on >>> security framework .We will use Java Authentication and Authorization >>> Service (JAAS) as default authentication implementation. >>> 2. JAAS Modules - Uses can defined own JAAS Login module as well. >>> >>> If authentication is success, connection will be established or else >>> will send authentication error. >>> >>> Thanks, >>> Waruna >>> >>> -- >>> Regards, >>> >>> Waruna Lakshitha Jayaweera >>> Senior Software Engineer >>> WSO2 Inc; http://wso2.com >>> phone: +94713255198 <+94%2071%20325%205198> >>> http://waruapz.blogspot.com/ >>> >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> *Hasitha Abeykoon* >> Associate Technical Lead; WSO2, Inc.; http://wso2.com >> *cell:* *+94 719363063* >> *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com> >> >> > > > -- > Asanka Abeyweera > Associate Technical Lead > WSO2 Inc. > > Phone: +94 712228648 > Blog: a5anka.github.io > > <https://wso2.com/signature> > -- *Hasitha Abeykoon* Associate Technical Lead; WSO2, Inc.; http://wso2.com *cell:* *+94 719363063* *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
