On Wed, Nov 2, 2011 at 2:13 AM, Pradeep Fernando <[email protected]> wrote:
> Hi, > > The scenario: > * Within a registry handler we deploy a governance registry stored .car > file to a remote ESB. (There can be several ESB s and based on the API call > to GREG, we decide on the ESB instance) > * right now we keep remote ESB servers credentials as , > - URL > - username > - password. > > and during the client invocation we use these to get hold of the admin > cookie and upload the .car file. > > > This works fine, but my concern is, > > * I dont set the set the system properties such as > "javax.net.ssl.trustStore" since they are already available in the greg > runtime. So, I can;t configure these per > ESB. (All the remote ESB s as well as the GREG instance has the same set > of values for the properties, javax.net.ssl.trustStore, > javax.net.ssl.trustStorePassword, etc). I see this as a problem. > No, this is not a problem. A single truststore can have multiple certificates. > > * The URL, username and password of each remote instance are stored as a > registry artifact in plain text. > We need to encrypt this or find a better solution than storing in plain-text. This is just at the POC-level yet, hence its easier when its plain-text, so we'll get step #1 done right and then move to step #2. Thilina/Prabath, as in SSH, can't we have some form of Certificate-based authentication for carbon? Do we always need WS-Security to do that? or can't we just expose a non WS-Security based API for this using AuthenticationAdmin. Thanks, Senaka. > > How can I improve the above given scenarios ? Suggestions please. > > > thanks, > --Pradeep > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
