Hi Shazni, Please find my responses inline.
On Thu, Dec 28, 2017 at 5:20 AM, Shazni Nazeer <[email protected]> wrote: > I have a few questions. > > Will the user be infinitely authenticated once the initial authentication > is successful as far as the connection is intact? > Authentication will be only happen during starting a connection ( connection.start-ok frame) .Sessions will be created using authenticated connection. > Or is there a timeout for authenticated session even within a connection? > And what are the implications of reestablishing a connection? > There is no timeout for session within a connection and they will be keep until client close them . When reestablishing a connection, authentication will be happen like earlier. > > On Mon, Dec 25, 2017 at 8:52 AM, Hasitha Hiranya <[email protected]> > wrote: > >> Hi Asanka, >> >> Perfect. That is what I wanted to clarify. >> >> Thanks >> >> On Mon, Dec 25, 2017 at 5:31 PM, Asanka Abeyweera <[email protected]> >> wrote: >> >>> Hi Hasitha, >>> >>> Here connection corresponds to the "AMQP connection". That is we do the >>> authentication when we receive the connection.start-ok frame and use the >>> authenticated connection in sessions created using the connection. We are >>> not planning to authenticate each session creation. >>> >>> On Mon, Dec 25, 2017 at 4:14 PM, Hasitha Hiranya <[email protected]> >>> wrote: >>> >>>> Hi Waruna, >>>> >>>> According to the diagram, authentication happens on a new "connection". >>>> Is my observation correct? >>>> There will be no need to do that for sessions created by that >>>> connection as same user will be creating them. >>>> >>>> Thanks >>>> >>>> On Wed, Dec 13, 2017 at 11:03 PM, Waruna Jayaweera <[email protected]> >>>> wrote: >>>> >>>>> Hi, >>>>> AMQP specification defined the authentication mechanism and security >>>>> content data is based on Simple Authentication and Security Layer(SASL) >>>>> framework. Following figure shows the proposed implementation for >>>>> $subject. >>>>> >>>>> [image: Inline image 1] >>>>> >>>>> Once client request a connection, server will send the supported SASL >>>>> mechanisms ( ex. Plain Text) to client. After that client will send the >>>>> selected mechanism + auth response data. Server will create SASL server >>>>> based on the client mechanism and then server will evaluate the client >>>>> authentication data and callback handler will be executed for >>>>> authentication. It will be done using following two extension points. >>>>> >>>>> 1. Authenticator - Interface to authenticate mechanism based on >>>>> security framework .We will use Java Authentication and Authorization >>>>> Service (JAAS) as default authentication implementation. >>>>> 2. JAAS Modules - Uses can defined own JAAS Login module as well. >>>>> >>>>> If authentication is success, connection will be established or else >>>>> will send authentication error. >>>>> >>>>> Thanks, >>>>> Waruna >>>>> >>>>> -- >>>>> Regards, >>>>> >>>>> Waruna Lakshitha Jayaweera >>>>> Senior Software Engineer >>>>> WSO2 Inc; http://wso2.com >>>>> phone: +94713255198 <+94%2071%20325%205198> >>>>> http://waruapz.blogspot.com/ >>>>> >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> *Hasitha Abeykoon* >>>> Associate Technical Lead; WSO2, Inc.; http://wso2.com >>>> *cell:* *+94 719363063* >>>> *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com> >>>> >>>> >>> >>> >>> -- >>> Asanka Abeyweera >>> Associate Technical Lead >>> WSO2 Inc. >>> >>> Phone: +94 712228648 <+94%2071%20222%208648> >>> Blog: a5anka.github.io >>> >>> <https://wso2.com/signature> >>> >> >> >> >> -- >> *Hasitha Abeykoon* >> Associate Technical Lead; WSO2, Inc.; http://wso2.com >> *cell:* *+94 719363063* >> *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com> >> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Shazni Nazeer > > Mob : +94 777737331 > LinkedIn : http://lk.linkedin.com/in/shazninazeer > > Blogs : > > https://medium.com/@mshazninazeer > http://shazninazeer.blogspot.com > > <http://wso2.com/signature> > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Regards, Waruna Lakshitha Jayaweera Senior Software Engineer WSO2 Inc; http://wso2.com phone: +94713255198 <+94%2071%20325%205198> http://waruapz.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
