Hi Harsha, Yes, the user can expose API either OAuth, Basic auth or even both with this implementation. Thank you.
Best Regards, Chamod. On Fri, Feb 15, 2019 at 9:34 PM Harsha Kumara <[email protected]> wrote: > Hi Chamod, > > Can user choose to expose API either OAuth or Basic authentication with > this implementation? > > We need to provide basic authentication agaist user store configured in > the key manager. Because most of the timee, gateway won't share user > stores. Please add the local user store authentication support as well. We > need to look for possible caching mechanism for this. > > Since we do have mutual authentication as a security scheme, check the > best way of providing the basic authentication > > Thanks, > Harsha > > On Fri, Feb 15, 2019 at 9:07 PM Chamod Samarajeewa <[email protected]> > wrote: > >> Adding [email protected] >> >> On Fri, Feb 15, 2019 at 5:18 PM Harsha Kumara <[email protected]> wrote: >> >>> Hi Chamod, >>> >>> Can user choose to expose API either OAuth or Basic authentication with >>> this implementation? >>> >>> We need to provide basic authentication agaist user store configured in >>> the key manager. Because most of the timee, gateway won't share user >>> stores. Please add the local user store authentication support as well. We >>> need to look for possible caching mechanism for this. >>> >>> Since we do have mutual authentication as a security scheme, check the >>> best way of providing the basic authentication >>> >>> Thanks, >>> Harsha >>> >>> On Fri, Feb 15, 2019 at 4:59 PM Chamod Samarajeewa <[email protected]> >>> wrote: >>> >>>> Adding [email protected]. >>>> >>>> >>>> ---------- Forwarded message --------- >>>> From: Nuwan Dias <[email protected]> >>>> Date: Fri, Feb 15, 2019 at 3:01 PM >>>> Subject: Re: Basic Authentication for APIM Gateway >>>> To: Chamod Samarajeewa <[email protected]> >>>> Cc: Architecture Team <[email protected]>, APIM Team < >>>> [email protected]> >>>> >>>> >>>> Chamod, this email should be sent to [email protected]. >>>> >>>> Thanks, >>>> NuwanD. >>>> >>>> On Fri, Feb 15, 2019 at 2:37 PM Chamod Samarajeewa <[email protected]> >>>> wrote: >>>> >>>>> Hi All, >>>>> >>>>> I have included the information in the Github issue here as well. >>>>> >>>>> *Requirements* >>>>> >>>>> >>>>> Provide authentication for APIM Gateway with basic authentication >>>>> which uses usernames and passwords. >>>>> >>>>> *Introduction* >>>>> >>>>> >>>>> Providing feature of enabling basic authentication security schema to >>>>> product APIM Gateway along with OAuth2 token-based authentication. The >>>>> user >>>>> will be benefited with using only OAuth2 token based authentication alone, >>>>> using basic authentication alone and using both schemas at the same time. >>>>> >>>>> >>>>> *Approach* >>>>> >>>>> >>>>> [image: Basic Auth - APIM-GW-2.jpg] >>>>> >>>>> curl -k -X GET "https://10.100.0.201:8243/pizzashack/1.0.0/menu"; -H >>>>> "accept: >>>>> application/json" -H "Authorization: Basic $(echo -n >>>>> username:password | base64)" >>>>> >>>>> The API Authentication Handler will forward the request to Basic Auth >>>>> Authenticator or OAuth Authenticator based on the authorization header of >>>>> the request. >>>>> >>>>> Thank you. Regards. >>>>> >>>>> On Fri, Feb 15, 2019 at 2:20 PM Chamod Samarajeewa <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi All, >>>>>> >>>>>> I'm working on developing a new feature for APIM Gateway to >>>>>> provide Basic Authentication support. You can find the details in the >>>>>> following Github issue [1]. >>>>>> >>>>>> I would really appreciate any feedback. Thank you. >>>>>> >>>>>> Best regards, >>>>>> Chamod. >>>>>> >>>>>> [1] - https://github.com/wso2/carbon-apimgt/issues/5986 >>>>>> -- >>>>>> Chamod Samarajeewa | Software Engineer | WSO2 Inc. >>>>>> (m) +94710397382 | Email: [email protected] <[email protected]> >>>>>> GET INTEGRATION AGILE >>>>>> Integration Agility for Digitally Driven Business >>>>>> >>>>> >>>>> >>>>> -- >>>>> Chamod Samarajeewa | Software Engineer | WSO2 Inc. >>>>> (m) +94710397382 | Email: [email protected] <[email protected]> >>>>> GET INTEGRATION AGILE >>>>> Integration Agility for Digitally Driven Business >>>>> >>>> >>>> >>>> -- >>>> *Nuwan Dias* | Director | WSO2 Inc. >>>> (m) +94 777 775 729 | (e) [email protected] >>>> [image: Signature.jpg] >>>> >>>> >>>> -- >>>> Chamod Samarajeewa | Software Engineer | WSO2 Inc. >>>> (m) +94710397382 | Email: [email protected] <[email protected]> >>>> GET INTEGRATION AGILE >>>> Integration Agility for Digitally Driven Business >>>> >>> >>> >>> -- >>> >>> *Harsha Kumara* >>> >>> Associate Technical Lead, WSO2 Inc. >>> Mobile: +94775505618 >>> Email: [email protected] >>> Blog: harshcreationz.blogspot.com >>> >>> GET INTEGRATION AGILE >>> Integration Agility for Digitally Driven Business >>> >> >> >> -- >> Chamod Samarajeewa | Software Engineer | WSO2 Inc. >> (m) +94710397382 | Email: [email protected] <[email protected]> >> GET INTEGRATION AGILE >> Integration Agility for Digitally Driven Business >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > > *Harsha Kumara* > > Associate Technical Lead, WSO2 Inc. > Mobile: +94775505618 > Email: [email protected] > Blog: harshcreationz.blogspot.com > > GET INTEGRATION AGILE > Integration Agility for Digitally Driven Business > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- Chamod Samarajeewa | Software Engineer | WSO2 Inc. (m) +94710397382 | Email: [email protected] <[email protected]> GET INTEGRATION AGILE Integration Agility for Digitally Driven Business
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
