On Thu, Mar 3, 2011 at 4:09 PM, Paul Fremantle <[email protected]> wrote:
> Actually, I think the secure vault is ok as-is for this use. > > I'm also wondering if it would be better to use Client certs for this? > In this scenario CSG Agent --> ESB Server - so if we are going to use client certs [Mutual SSL] we need to enable mutual ssl at the ESB end.. There we have a limitation - we can't enable mutual auth per service basis - it would be at the container level... One alternative would be to enable mutual ssl as optional, <parameter name="SSLVerifyClient">optional</parameter> And enforce it with a security policy for the specific services. I tested this approach - but requires some fixes - will do those for the next release.. Thanks & regards, -Prabath > > Paul > > > > On 3 March 2011 10:37, Paul Fremantle <[email protected]> wrote: > >> Ok... I can see the Registry is a good place for this. Can we do a hybrid >> Registry-based secure vault? >> >> Paul >> >> >> On 3 March 2011 08:44, Rajika Kumarasiri <[email protected]> wrote: >> >>> >>> >>> On Thu, Mar 3, 2011 at 1:44 PM, Paul Fremantle <[email protected]> wrote: >>> >>>> What are you storing? >>> >>> >>> When CSG agent component adds a CSG server ( i.e. the ESB server) I need >>> to keep track the user name and the password so that I can publish a proxy >>> to ESB later. >>> >>> Rajika >>> >>> >>> >>>> >>>> Paul >>>> >>>> On 28 February 2011 04:35, Rajika Kumarasiri <[email protected]> wrote: >>>> >>>>> I need to store some passwords in GREG. Is there a way to achieve this >>>>> ? >>>>> >>>>> Rajika >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> Paul Fremantle >>>> CTO and Co-Founder, WSO2 >>>> OASIS WS-RX TC Co-chair, VP, Apache Synapse >>>> >>>> Office: +44 844 484 8143 >>>> Cell: +44 798 447 4618 >>>> >>>> blog: http://pzf.fremantle.org >>>> twitter.com/pzfreo >>>> [email protected] >>>> >>>> wso2.com Lean Enterprise Middleware >>>> >>>> Disclaimer: This communication may contain privileged or other >>>> confidential information and is intended exclusively for the addressee/s. >>>> If >>>> you are not the intended recipient/s, or believe that you may have received >>>> this communication in error, please reply to the sender indicating that >>>> fact >>>> and delete the copy you received and in addition, you should not print, >>>> copy, retransmit, disseminate, or otherwise use the information contained >>>> in >>>> this communication. Internet communications cannot be guaranteed to be >>>> timely, secure, error or virus-free. The sender does not accept liability >>>> for any errors or omissions. >>>> >>> >>> >> >> >> -- >> Paul Fremantle >> CTO and Co-Founder, WSO2 >> OASIS WS-RX TC Co-chair, VP, Apache Synapse >> >> Office: +44 844 484 8143 >> Cell: +44 798 447 4618 >> >> blog: http://pzf.fremantle.org >> twitter.com/pzfreo >> [email protected] >> >> wso2.com Lean Enterprise Middleware >> >> Disclaimer: This communication may contain privileged or other >> confidential information and is intended exclusively for the addressee/s. If >> you are not the intended recipient/s, or believe that you may have received >> this communication in error, please reply to the sender indicating that fact >> and delete the copy you received and in addition, you should not print, >> copy, retransmit, disseminate, or otherwise use the information contained in >> this communication. Internet communications cannot be guaranteed to be >> timely, secure, error or virus-free. The sender does not accept liability >> for any errors or omissions. >> > > > > -- > Paul Fremantle > CTO and Co-Founder, WSO2 > OASIS WS-RX TC Co-chair, VP, Apache Synapse > > Office: +44 844 484 8143 > Cell: +44 798 447 4618 > > blog: http://pzf.fremantle.org > twitter.com/pzfreo > [email protected] > > wso2.com Lean Enterprise Middleware > > Disclaimer: This communication may contain privileged or other confidential > information and is intended exclusively for the addressee/s. If you are not > the intended recipient/s, or believe that you may have received this > communication in error, please reply to the sender indicating that fact and > delete the copy you received and in addition, you should not print, copy, > retransmit, disseminate, or otherwise use the information contained in this > communication. Internet communications cannot be guaranteed to be timely, > secure, error or virus-free. The sender does not accept liability for any > errors or omissions. > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- Thanks & Regards, Prabath http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
