Hi All,
After extensive discussions, we decided to differ implementing this
approach. Reasons are,
1. Configuring at carbon.xml is system wide. in C4, usually each tenant
will need their own configuration.
2. Some web-apps can run out of carbon (on standalone tomcat). We need to
expose Service to retrieve the configurations. Implementing a service only
to the "policy URL" is not a correct approach.

Instead, each web-app needs to implement its own script page (typically a
JSP page) to respond to "policy URL" and render customized content.  We can
look into improving this by adding a configuration REST service later, when
and if required.

Cheers,
Ruwan


On Wed, Feb 21, 2018 at 5:59 PM, Sagara Gunathunga <sag...@wso2.com> wrote:

>
> -  +1 for above approach, since this is a platform level feature it make
> sense to  to get privacy/cookie policy url from carbon.xml file.
>
> -  Going forward we need to support per tenant privacy/cookie policy as
> well but it need some new carbon UIs, let's start with server level 
> privacy/cookie
> policy and introduce per tenant configuration later. @Ruwan I believe
> getPrivacyPolicyURL()/getCookiePolicyURL() method can hide the internal
> logic so pluginng  tenant level configuration  won't require any change
> to above methods.
>
> Thanks !
>
> On Wed, Feb 21, 2018 at 4:34 PM, Nuwan Dias <nuw...@wso2.com> wrote:
>
>>
>>
>> On Wed, Feb 21, 2018 at 3:46 PM, Isura Karunaratne <is...@wso2.com>
>> wrote:
>>
>>> Hi Ruwan,
>>>
>>> On Wed, Feb 21, 2018 at 3:28 PM, Ruwan Abeykoon <ruw...@wso2.com> wrote:
>>>
>>>> Hi All,
>>>>
>>>> In order to comply with GDPR regulations, we are planning to
>>>> incorporate privacy and cookie policy URL configuration into carbon 4
>>>> "carbon.xml" . The following element will be added to "carbon.xml", as this
>>>> needs to be available fr any product based on c4.
>>>> This configuration will be disabled (commented out) by default, in
>>>> which hard-coded URL shall be displayed by each UI.
>>>>
>>>> <!--
>>>>     Configurations related to privacy for the end-user who logs into the 
>>>> platform
>>>> -->
>>>> <Privacy>
>>>>     <!--
>>>>      The below privacy policy URL will be the one linked, instead of the 
>>>> default, when configured.
>>>>      This applies to carbon console and all other web applications.
>>>>     -->
>>>>     
>>>> <PrivacyPolicyURL>https://your.organozation/privacy/privacy-policy.html</PrivacyPolicyURL>
>>>>
>>>>
>>> Shouldn't this be a tenant wise configuration?
>>>
>>
>> Since all the web apps we ship by default are SaaS apps (all tenants
>> login to the same app) I think its fine for this to be a server config.
>>
>>>
>>> Thanks
>>> Isura.
>>>
>>>>
>>>>     <!--
>>>>       The below cookie policy URL will be the one linked, instead of the 
>>>> default, when configured. -
>>>>       This applies to carbon console and all other web applications.
>>>>     -->
>>>>     
>>>> <CookiePolicyURL>https://your.organozation/privacy/cookie-policy.html</CookiePolicyURL>
>>>> </Privacy>
>>>>
>>>>
>>>> Furthermore, We will add following methods to "CarbonUtils.java" to
>>>> access the above two properties. These methods may return null, in which,
>>>> the relevant UI should render a default link for the respective policy URL.
>>>>
>>>> String getPrivacyPolicyURL()
>>>> String getCookiePolicyURL()
>>>>
>>>>
>>>> Cheers,
>>>> Ruwan
>>>>
>>>>
>>>
>>>
>>> --
>>>
>>> *Isura Dilhara Karunaratne*
>>> Associate Technical Lead | WSO2
>>> Email: is...@wso2.com
>>> Mob : +94 772 254 810 <+94%2077%20225%204810>
>>> Blog : http://isurad.blogspot.com/
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Nuwan Dias
>>
>> Software Architect - WSO2, Inc. http://wso2.com
>> email : nuw...@wso2.com
>> Phone : +94 777 775 729 <+94%2077%20777%205729>
>>
>
>
>
> --
> Sagara Gunathunga
>
> Director; WSO2, Inc.;  http://wso2.com
> Linkedin; http://www.linkedin.com/in/ssagara
> Blog ;  http://ssagara.blogspot.com
> Mobile : +9471 <+94%2071%20565%209887>2149951
>
>
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to