Thanks Waruna. This is good. On Fri, Dec 29, 2017 at 7:39 AM, Waruna Jayaweera <[email protected]> wrote:
> Hi Shazni, > > Please find my responses inline. > > On Thu, Dec 28, 2017 at 5:20 AM, Shazni Nazeer <[email protected]> wrote: > >> I have a few questions. >> >> Will the user be infinitely authenticated once the initial authentication >> is successful as far as the connection is intact? >> > > Authentication will be only happen during starting a connection ( > connection.start-ok > frame) .Sessions will be created using authenticated connection. > > >> Or is there a timeout for authenticated session even within a connection? >> And what are the implications of reestablishing a connection? >> > > There is no timeout for session within a connection and they will be keep > until client close them . When reestablishing a connection, > authentication will be happen like earlier. > >> >> On Mon, Dec 25, 2017 at 8:52 AM, Hasitha Hiranya <[email protected]> >> wrote: >> >>> Hi Asanka, >>> >>> Perfect. That is what I wanted to clarify. >>> >>> Thanks >>> >>> On Mon, Dec 25, 2017 at 5:31 PM, Asanka Abeyweera <[email protected]> >>> wrote: >>> >>>> Hi Hasitha, >>>> >>>> Here connection corresponds to the "AMQP connection". That is we do the >>>> authentication when we receive the connection.start-ok frame and use the >>>> authenticated connection in sessions created using the connection. We are >>>> not planning to authenticate each session creation. >>>> >>>> On Mon, Dec 25, 2017 at 4:14 PM, Hasitha Hiranya <[email protected]> >>>> wrote: >>>> >>>>> Hi Waruna, >>>>> >>>>> According to the diagram, authentication happens on a new >>>>> "connection". Is my observation correct? >>>>> There will be no need to do that for sessions created by that >>>>> connection as same user will be creating them. >>>>> >>>>> Thanks >>>>> >>>>> On Wed, Dec 13, 2017 at 11:03 PM, Waruna Jayaweera <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> AMQP specification defined the authentication mechanism and security >>>>>> content data is based on Simple Authentication and Security Layer(SASL) >>>>>> framework. Following figure shows the proposed implementation for >>>>>> $subject. >>>>>> >>>>>> [image: Inline image 1] >>>>>> >>>>>> Once client request a connection, server will send the supported >>>>>> SASL mechanisms ( ex. Plain Text) to client. After that client will send >>>>>> the selected mechanism + auth response data. Server will create SASL >>>>>> server >>>>>> based on the client mechanism and then server will evaluate the client >>>>>> authentication data and callback handler will be executed for >>>>>> authentication. It will be done using following two extension points. >>>>>> >>>>>> 1. Authenticator - Interface to authenticate mechanism based on >>>>>> security framework .We will use Java Authentication and Authorization >>>>>> Service (JAAS) as default authentication implementation. >>>>>> 2. JAAS Modules - Uses can defined own JAAS Login module as well. >>>>>> >>>>>> If authentication is success, connection will be established or else >>>>>> will send authentication error. >>>>>> >>>>>> Thanks, >>>>>> Waruna >>>>>> >>>>>> -- >>>>>> Regards, >>>>>> >>>>>> Waruna Lakshitha Jayaweera >>>>>> Senior Software Engineer >>>>>> WSO2 Inc; http://wso2.com >>>>>> phone: +94713255198 <+94%2071%20325%205198> >>>>>> http://waruapz.blogspot.com/ >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> *Hasitha Abeykoon* >>>>> Associate Technical Lead; WSO2, Inc.; http://wso2.com >>>>> *cell:* *+94 719363063* >>>>> *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com> >>>>> >>>>> >>>> >>>> >>>> -- >>>> Asanka Abeyweera >>>> Associate Technical Lead >>>> WSO2 Inc. >>>> >>>> Phone: +94 712228648 <+94%2071%20222%208648> >>>> Blog: a5anka.github.io >>>> >>>> <https://wso2.com/signature> >>>> >>> >>> >>> >>> -- >>> *Hasitha Abeykoon* >>> Associate Technical Lead; WSO2, Inc.; http://wso2.com >>> *cell:* *+94 719363063* >>> *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com> >>> >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Shazni Nazeer >> >> Mob : +94 777737331 >> LinkedIn : http://lk.linkedin.com/in/shazninazeer >> >> Blogs : >> >> https://medium.com/@mshazninazeer >> http://shazninazeer.blogspot.com >> >> <http://wso2.com/signature> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Regards, > > Waruna Lakshitha Jayaweera > Senior Software Engineer > WSO2 Inc; http://wso2.com > phone: +94713255198 <+94%2071%20325%205198> > http://waruapz.blogspot.com/ > > -- Shazni Nazeer Mob : +94 777737331 LinkedIn : http://lk.linkedin.com/in/shazninazeer Blogs : https://medium.com/@mshazninazeer http://shazninazeer.blogspot.com <http://wso2.com/signature>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
