On Tue, Mar 15, 2011 at 6:03 PM, Danushka Menikkumbura <[email protected]>wrote:
> So, userStoreManager.authenticate(username, password) and > userStoreManager.authenticate(access key, secret key) should yield the same > result? > As I have mentioned in a separate mail AWS authentication is based on symmetric key signature. At the qpid level you can always assume user sends the username and password (password can be the global key if invocation happens in the same jvm). thanks, Amila. > > Thanks, > Danushka > > > On Tue, Mar 15, 2011 at 5:52 PM, Paul Fremantle <[email protected]> wrote: > >> >> >> On 15 March 2011 12:02, Danushka Menikkumbura <[email protected]> wrote: >> >>> The access key cannot be the username because it is a 20 digit key. See >>>> >>>> http://docs.amazonwebservices.com/AWSSimpleQueueService/2009-02-01/SQSGettingStartedGuide/ >>>> So we need to do something to make it fit that. >>>> >>> >>> When you sign up for an AWS account you get an auto-generated access key >>> and a secret key. >>> >>> I'm still not clear if the secret key is stored separately or just >>>> something we calculate from their existing password? >>>> >>> >>> We have to deal with two scenarios here IMO. Those who come through the >>> WS API and those who need to use Messageboxes in their Carbon components. >>> For the former I think we need to have a provisioning mechanism similar to >>> AWS account sign up. >>> >>> >> We don't need *provisioning*. We already provision users. We just need a >> simple way that an existing user with an existing account can find out what >> their access key/secret key is. >> >> Paul >> >> >>> The bottom line is that auth/authz is handled by Qpid underneath using >>> Carbon user store manager and authorization manager. So the credentials >>> created at the time of SQS account creation (if we are going to support >>> that) should be transparent to the user store manager and the authz manager. >>> >> >> >> >> >>> >>> Thanks, >>> Danushka >>> >> >> >> >> -- >> Paul Fremantle >> CTO and Co-Founder, WSO2 >> OASIS WS-RX TC Co-chair, VP, Apache Synapse >> >> Office: <%2B44%20844%20484%208143>+44 844 484 8143 >> Cell: <%2B44%20798%20447%204618>+44 798 447 4618 >> >> blog: http://pzf.fremantle.org >> twitter.com/pzfreo >> [email protected] >> >> wso2.com Lean Enterprise Middleware >> >> Disclaimer: This communication may contain privileged or other >> confidential information and is intended exclusively for the addressee/s. If >> you are not the intended recipient/s, or believe that you may have received >> this communication in error, please reply to the sender indicating that fact >> and delete the copy you received and in addition, you should not print, >> copy, retransmit, disseminate, or otherwise use the information contained in >> this communication. Internet communications cannot be guaranteed to be >> timely, secure, error or virus-free. The sender does not accept liability >> for any errors or omissions. >> > > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
