Hi Asitha,
I think it is better if the case can be implemented in a generic OIDC
mechanism, rather than tying it to IS management services. That gives us two
advantages.
1. Not relying on Admin services - These will be deprecated over REST API.
2. Supports most third-party IdPs, not only WSO2 IS, in a single go.

Cheers,


On Wed, Aug 22, 2018 at 8:52 PM Asitha Nanayakkara <[email protected]> wrote:

>
>
> On Wed, Aug 22, 2018 at 8:21 PM Hasitha Hiranya <[email protected]> wrote:
>
>> Hi Asitha,
>>
>> Does this mean that for an Auth scenario using WSO2 MB, a user must have an IS
>> installed?
>>
> No. As I have said earlier,
> "within Message Broker, there is *an extension point to connect to an
> external identity provider* (IdP) to authenticate and authorise users. *As
> an initial implementation*, we are *planning to write a WSO2 IS connector*
> for this."
>
> If they have a different IdP or Directory System like AD or OpenLDAP we
> might have to use that extension point and write an extension. This will be
> an initial implementation.
>
>> I believe we cannot install features like in MB 3.x series here.
>>
> Yes, you are correct.
>
>>
>> Thanks
>>
>> On Tue, Aug 14, 2018 at 9:54 AM Asitha Nanayakkara <[email protected]>
>> wrote:
>>
>>> Hi all,
>>>
>>> Within Message Broker, there is an extension point to connect to an
>>> external identity provider (IdP) to authenticate and authorise users.
>>>
>>> As an initial implementation, we are planning to write a WSO2 IS
>>> connector for this [1]. This way we would be able to front different user
>>> directory systems (OpenLDAP, AD etc) through IS and give the user the
>>> option to manage them through IS.
>>>
>>> We will be using the following admin services to implement the
>>> MB MandatoryAccessController [2] and UserStore [3] interfaces that are needed
>>> to fulfil this requirement.
>>>
>>>    - RemoteUserStoreManagerServiceStub
>>>    - RemoteAuthorizationManagerServiceStub
>>>
>>> [1]
>>> https://github.com/ballerina-platform/ballerina-message-broker/issues/526
>>> [2]
>>> https://github.com/ballerina-platform/ballerina-message-broker/blob/master/modules/broker-auth/src/main/java/io/ballerina/messaging/broker/auth/authorization/MandatoryAccessController.java
>>> [3]
>>> https://github.com/ballerina-platform/ballerina-message-broker/blob/master/modules/broker-auth/src/main/java/io/ballerina/messaging/broker/auth/authorization/UserStore.java
>>>
>>> Regards,
>>> Asitha
>>>
>>> --
>>> *Asitha Nanayakkara* <http://asitha.github.io/>
>>> Associate Technical Lead
>>> WSO2, Inc. <http://wso2.com/>
>>> Mob: +94 77 853 0682
>>>
>>>
>>
>> --
>> *Hasitha Abeykoon*
>> Associate Technical Lead; WSO2, Inc.; http://wso2.com
>> *cell:* *+94 719363063*
>> *blog:* abeykoon.blogspot.com <http://abeykoon.blogspot.com>
>>
>>
>
> --
> *Asitha Nanayakkara* <http://asitha.github.io/>
> Associate Technical Lead
> WSO2, Inc. <http://wso2.com/>
> Mob: +94 77 853 0682
>
>

-- 

*Ruwan Abeykoon*
*Associate Director/Architect,*
*WSO2, Inc. http://wso2.com <https://wso2.com/signature> *
*lean.enterprise.middleware.*
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
