Hi All,

During the past few days I experimented with the feasibility of integrating WSO2 Identity Server with Airavata as a third-party user store.

WSO2 Identity Server supports OAuth out of the box. It does both token issuing and token validation. Since the Airavata gateways are mainly web-based gateways, the most suitable OAuth flow will be the implicit flow. Each Thrift RPC will have to be changed to accommodate the new token parameter. On the server side, for token validation, we will have to integrate a component as shown in the diagram [1]. Also, WSO2 server supports mutual authentication. Therefore the token validation between the Airavata API and the WSO2 IS can be done securely.

Therefore we can easily integrate a WSO2 IS with Airavata for the users who want user management functionality and at the same time achieve the security aspects in the Airavata API.

Secondly, for the users who do the user management by themselves, we can provide a separate Authentication API as shown in the diagram and establish token-based service-level authorization for the Airavata API.

I have put the details about this proposed solution in the diagram [1] itself.

Regards,
Supun Nakandala

[1] - https://docs.google.com/file/d/0B0A4_fh8ecDdR0RQM2R3UGVrSkE/edit
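A sketch of the server-side token validation component proposed above, as an added example that is not part of the original message or of Airavata's code. `TokenGate`, `TokenInfo`, `AuthError` and the scope argument are hypothetical names, and the `validator` callable stands in for the call to WSO2 IS or to the separate Authentication API.

```python
import time
from dataclasses import dataclass

class AuthError(Exception):
    """Raised when an RPC is rejected; the wrapped handler is never invoked."""

@dataclass(frozen=True)
class TokenInfo:              # hypothetical shape of a validation result
    user: str
    scopes: frozenset
    expires_at: float         # epoch seconds

class TokenGate:
    """Checks the token parameter of each RPC before the handler runs."""

    def __init__(self, validator, cache_ttl=30.0, clock=time.time):
        self._validator = validator   # callable(token) -> TokenInfo or None
        self._ttl = cache_ttl
        self._clock = clock
        self._cache = {}              # token -> (TokenInfo, cached_until)

    def _lookup(self, token):
        now = self._clock()
        hit = self._cache.get(token)
        if hit and hit[1] > now:
            return hit[0]
        try:
            info = self._validator(token)
        except Exception as exc:
            # Fail closed: an unreachable identity server must not admit calls.
            raise AuthError("token validation unavailable") from exc
        if info is None:
            self._cache.pop(token, None)
            return None
        # Never keep a cached result past the token's own expiry.
        self._cache[token] = (info, min(now + self._ttl, info.expires_at))
        return info

    def protect(self, scope):
        """Decorator: the RPC takes the token as its first parameter."""
        def wrap(handler):
            def guarded(token, *args, **kwargs):
                info = self._lookup(token) if token else None
                if info is None or info.expires_at <= self._clock():
                    raise AuthError("invalid or expired token")
                if scope not in info.scopes:
                    raise AuthError("token lacks scope " + scope)
                # The handler sees the validated identity, not the raw token.
                return handler(info.user, *args, **kwargs)
            return guarded
        return wrap
```

The cache lifetime bounds how long a token revoked at the identity server keeps working at the API, so it should stay short.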