True. I am willing to be convinced. I agree that if this is a *major* change then we cannot fix it now. We really need to sort out the difference between the services and admin, so we can separate them. But we also need to have decent security controls. We ought to be able to configure that /carbon requires HTTPS and /portal doesn't.
Paul 2009/11/26 Sanjiva Weerawarana <[email protected]>: > Well Paul said he *thinks* this is a blocker. I agree it'll be great to have > HTTP only but if it can't be done in the framework then I'd rather not mess > up the core by hacking it in. Let's get it fixed right. > > Sanjiva. > On Thu, Nov 26, 2009 at 10:33 AM, Tyrell Perera <[email protected]> wrote: >> >> >> On Thu, Nov 26, 2009 at 10:15 AM, Sanjiva Weerawarana <[email protected]> >> wrote: >>> >>> Also, we need to keep in mind the March plan to replace all Carbon >>> authentication stuff with IS's corresponding components. >> >> The reason I asked this is Paul's blocker on GS yesterday asking us to >> provide HTTP for portal. Essentially the portal is a bunch of Carbon UI >> bundles. if the framework doesn't support it (at least as far as the 2.0.2 >> release is concerned), then we can't do HTTP, for this release at least. >> >> For a future release, we will have to re-visit the design of the UI >> framework and get HTTP support in. >> >> >> Tyrell >> >> >>> >>> Sanjiva. >>> >>> On Thu, Nov 26, 2009 at 9:58 AM, Afkham Azeez <[email protected]> wrote: >>>> >>>> If we just do that, users will be able to login via HTTP by mistake. To >>>> make it secure, and selectively enable HTTP, we will need to do more work. >>>> Azeez >>>> >>>> On Thu, Nov 26, 2009 at 9:54 AM, Sanjiva Weerawarana <[email protected]> >>>> wrote: >>>>> >>>>> Is that a difficult change? Isn't that a matter of turning on HTTP? >>>>> Sanjiva. >>>>> >>>>> 2009/11/26 Afkham Azeez <[email protected]> >>>>>> >>>>>> I think that we have assumed that all UI bundles some how fit into the >>>>>> management console. Hence, they will be exposed only on HTTPS. >>>>>> Ideally, the Carbon mgt console should also be accessible via >>>>>> http://localhost:9763/carbon. Only after logging in, we should switch to >>>>>> HTTPS. >>>>>> Azeez >>>>>> >>>>>> On Thu, Nov 26, 2009 at 7:52 AM, Tyrell Perera <[email protected]> >>>>>> wrote: >>>>>>> >>>>>>> Is it possible for a Carbon UI bundle to run in HTTP mode? These >>>>>>> bundles will of course have corresponding back-end bundles, that talks >>>>>>> to >>>>>>> the Registry etc. >>>>>>> >>>>>>> At the moment, the UI framework redirects all HTTP requests to HTTPS >>>>>>> as far as I can see. >>>>>>> >>>>>>> thanks, >>>>>>> Tyrell >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Tyrell Perera >>>>>>> WSO2, Inc.; http://www.wso2.com/ >>>>>>> "The Open Source SOA Company" >>>>>>> >>>>>>> http://www.linkedin.com/in/tyrell >>>>>>> http://tyrellperera.blogspot.com >>>>>>> http://twitter.com/tyrellperera >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Carbon-dev mailing list >>>>>>> [email protected] >>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> -- >>>>>> Afkham Azeez >>>>>> [email protected] >>>>>> WSO2 Inc. http://wso2.com >>>>>> Blog: http://afkham.org >>>>>> >>>>>> _______________________________________________ >>>>>> Carbon-dev mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Sanjiva Weerawarana, Ph.D. >>>>> Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/ >>>>> email: [email protected]; phone: +1 408 754 7388 x51726; cell: +94 77 >>>>> 787 6880 >>>>> blog: http://sanjiva.weerawarana.org/ >>>>> >>>>> The Open Source SOA Company >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>> >>>> >>>> >>>> -- >>>> -- >>>> Afkham Azeez >>>> [email protected] >>>> WSO2 Inc. http://wso2.com >>>> Blog: http://afkham.org >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>> >>> >>> >>> -- >>> Sanjiva Weerawarana, Ph.D. >>> Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/ >>> email: [email protected]; phone: +1 408 754 7388 x51726; cell: +94 77 787 >>> 6880 >>> blog: http://sanjiva.weerawarana.org/ >>> >>> The Open Source SOA Company >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >> >> >> >> -- >> Tyrell Perera >> WSO2, Inc.; http://www.wso2.com/ >> "The Open Source SOA Company" >> >> http://www.linkedin.com/in/tyrell >> http://tyrellperera.blogspot.com >> http://twitter.com/tyrellperera >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> > > > > -- > Sanjiva Weerawarana, Ph.D. > Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/ > email: [email protected]; phone: +1 408 754 7388 x51726; cell: +94 77 787 > 6880 > blog: http://sanjiva.weerawarana.org/ > > The Open Source SOA Company > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- Paul Fremantle CTO and Co-Founder, WSO2 OASIS WS-RX TC Co-chair VP, Apache Synapse Office: +44 844 484 8143 Cell: +44 798 447 4618 blog: http://pzf.fremantle.org twitter.com/pzfreo [email protected] WSO2 - a breath of fresh oxygen for enterprise middleware http://wso2.com _______________________________________________ Carbon-dev mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
