On Wed, Dec 1, 2010 at 1:24 AM, Prabath Siriwardana <[email protected]>wrote:
> > > On Wed, Dec 1, 2010 at 1:15 AM, Prabath Siriwardana <[email protected]>wrote: > >> >> >> On Wed, Dec 1, 2010 at 1:04 AM, Hiranya Jayathilaka <[email protected]>wrote: >> >>> >>> >>> On Wed, Dec 1, 2010 at 12:06 AM, Prabath Siriwardana >>> <[email protected]>wrote: >>> >>>> The WS-Discovery client in WSO2 ESB indicates we can talk securely with >>>> the DiscoveryProxy - deployed in GReg.. >>>> >>>> But it seems we don't have an option to secure DiscoveryProxy in GReg..? >>>> >>>> The only option to secure the DiscoveryProxy in the current setup - >>>> seems like through Mutual Auth.. with BE/FE separation.. >>>> >>>> May be I am missing something.... >>>> >>> >>> Yes you are :) >>> >>> Security for WS-D was introduced as an experimental feature and it is >>> still at the early stages. For now to engage security on the discovery proxy >>> you need to drop the security policy to repository/conf directory. The file >>> should be named "wsd-sec-policy.xml". At startup the proxy component will >>> detect the file and engage security on the service. >>> >> >> Thanks that helps.. :-) Hope this is documented... >> > > One more question Hiranya.. If we follow the above approach to secure the > DiscoveryProxy - how do we attach the compliant security policy [at the > client end] when services being published via WSAS to DiscoveryProxy at the > time those been deployed.. > > Is it the same approach, that we drop the security policy to > repository/conf directory of WSAS..? > Yes. The file name should be "wsd-client-policy.xml". In the latest trunk you can upload it to the root of the configuration registry too (this will get priority over the file). I'm currently working on improving this so the proxy can pick it from any arbitrary location from the registry as specified by the user. Also note that latest WSAS has a UI where the user can enable/disable WS-D. Thanks, Hiranya > Thanks & regards, > -Prabath > > >> >> Thanks & regards, >> -Prabath >> >> >>> >>> Thanks, >>> Hiranya >>> >>> >>>> >>>> -- >>>> Thanks & Regards, >>>> Prabath >>>> >>>> http://blog.facilelogin.com >>>> http://RampartFAQ.com >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> >>> -- >>> Hiranya Jayathilaka >>> Senior Software Engineer; >>> WSO2 Inc.; http://wso2.org >>> E-mail: [email protected]; Mobile: +94 77 633 3491 >>> Blog: http://techfeast-hiranya.blogspot.com >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> Thanks & Regards, >> Prabath Siriwardena >> >> >> http://blog.facilelogin.com >> http://RampartFAQ.com >> > > > > -- > Thanks & Regards, > Prabath Siriwardena > > http://blog.facilelogin.com > http://RampartFAQ.com > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- Hiranya Jayathilaka Senior Software Engineer; WSO2 Inc.; http://wso2.org E-mail: [email protected]; Mobile: +94 77 633 3491 Blog: http://techfeast-hiranya.blogspot.com
_______________________________________________ Carbon-dev mailing list [email protected] https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
