On Tue, May 15, 2012 at 10:17 AM, Amila Suriarachchi <[email protected]> wrote:
> > > On Tue, May 15, 2012 at 8:40 AM, Srinath Perera <[email protected]> wrote: > >> I think we should also give #2 in the case for deployments that are >> fully inside a firewall, and network is trusted. >> > > The way it works currently is if Agent client connect to the secure port > the communication will be secure and if not insecure. So we can let users > to pick the port they need. > With the update to the Agent Component now the users can decide how they want to communicate, securely or insecurely I think we need a code review on this. The current DataPublisher API looks like follows; public String defineEventStream(String eventStreamDefinition) public String findEventStream(String name, String version) public void publish(Event event) public String secureDefineEventStream(String eventStreamDefinition) public String secureFindEventStream(String name, String version) public void securePublish(Event event) Here the user can decide how they want to send data and in addition here both secure and the normal mode can inter-operate. Thanks Suho > thanks, > Amila. > > >> >> --Srinath >> >> On Mon, May 14, 2012 at 10:00 PM, Tharindu Mathew <[email protected]> >> wrote: >> > If performance is a concern, I suggest we provide two options: >> > >> > 1. Do all communication under HTTPS (TLS if possible) >> > >> > 2. Do communication after the Authentication step using the Thrift >> native >> > transport. >> > >> > #2 will show the true speed of thrift. #1 can be done when information >> is >> > sensitive, and performance is not the most important factor. >> > >> > >> > On Mon, May 14, 2012 at 7:16 PM, Paul Fremantle <[email protected]> wrote: >> >> >> >> I thought we agreed to use Thrift over TLS for all BAM events? I don't >> see >> >> how we can avoid that - this is secure, sensitive data. I don't >> believe the >> >> overhead will be too bad. >> >> >> >> There's a nice blog on it too :-) >> >> >> http://chamibuddhika.wordpress.com/2011/10/03/securing-a-thrift-service/ >> >> >> >> Paul >> >> >> >> >> >> On 14 May 2012 14:06, Maninda Edirisooriya <[email protected]> wrote: >> >>> >> >>> Yes. Your point is clear. I will do it only with IP and port of the >> >>> thrift server as you mentioned. But as we have talked off line there >> is a >> >>> large security hole there. Due to performance requirements we cannot >> >>> implement Thrift over a secure channel. A passive attacker can >> eavesdrop and >> >>> and active attacker can modify the content transmitted to the Thrift >> server >> >>> as the content is not encrypted or signed. >> >>> >> >>> >> >>> On Fri, May 11, 2012 at 7:17 PM, Amila Suriarachchi <[email protected]> >> >>> wrote: >> >>>> >> >>>> >> >>>> >> >>>> On Fri, May 11, 2012 at 5:17 PM, Paul Fremantle <[email protected]> >> wrote: >> >>>>> >> >>>>> Wouldn't it be better to have the username/password, connection >> >>>>> properties stored elsewhere under a logical name (BAM Server) and >> the >> >>>>> mediator config to choose: >> >>>>> 1) which BAM server (i.e. which logical set, with a default) >> >>>>> 2) what to log (e.g. just standard stuff - response time etc) or >> whole >> >>>>> message or specific properties >> >>>>> >> >>>>> It doesn't seem right that I might add one BAM server and have to >> >>>>> define the URL, uid/pw in every flow. >> >>>> >> >>>> >> >>>> +1. you can use the same concept we have used in CEP to define >> brokers >> >>>> and refer them in the bucket configurations. >> >>>> >> >>>> In the configuration, >> >>>> >> >>>> there is a Agent server URL and another port. This communication >> >>>> actually happens through thrift so you may not need a https address >> there. I >> >>>> think the only thing you need to have is Agent Host and port. >> >>>> >> >>>> thanks, >> >>>> Amila. >> >>>> >> >>>>> >> >>>>> Paul >> >>>>> >> >>>>> On 11 May 2012 12:36, Tharindu Mathew <[email protected]> wrote: >> >>>>>> >> >>>>>> Let's think about re-using the Activity Mediation BE as well... >> >>>>>> Someone may prefer to configure this and re-use in the mediator. >> >>>>>> >> >>>>>> >> >>>>>> On Fri, May 11, 2012 at 12:41 PM, Maninda Edirisooriya >> >>>>>> <[email protected]> wrote: >> >>>>>>> >> >>>>>>> Here it is. Properties are not shown here but expect to include >> that >> >>>>>>> as a table as in the existing class mediator. >> >>>>>>> Feedbacks are welcome. >> >>>>>>> >> >>>>>>> >> >>>>>>> On Thu, May 10, 2012 at 9:43 PM, Tharindu Mathew < >> [email protected]> >> >>>>>>> wrote: >> >>>>>>>> >> >>>>>>>> Can you include a screen shot of how it looks through the >> Mediator >> >>>>>>>> UI? >> >>>>>>>> >> >>>>>>>> On Thu, May 10, 2012 at 7:23 PM, Maninda Edirisooriya >> >>>>>>>> <[email protected]> wrote: >> >>>>>>>>> >> >>>>>>>>> I am implementing a built in mediator for ESB as mediation data >> >>>>>>>>> agent for BAM. Already we have an existing class mediator for >> bam but this >> >>>>>>>>> new BAM mediator will be a first class citizen in ESB which >> will enable the >> >>>>>>>>> user to simply click and add the BAM mediator to the mediator >> sequence. >> >>>>>>>>> At the moment we have added a sketch of the code to >> >>>>>>>>> >> https://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/mediators/bam/ >> >>>>>>>>> . It is still not added to the main build. We have planned to >> add this to >> >>>>>>>>> the build after reviewing the code. >> >>>>>>>>> Basic architecture is given in >> >>>>>>>>> >> https://docs.google.com/a/wso2.com/document/d/1axpgrWv1bLCT_B-2U567LAIJO2ydO9-ckitjAXmYG8Q/edit >> >>>>>>>>> >> >>>>>>>>> _______________________________________________ >> >>>>>>>>> Architecture mailing list >> >>>>>>>>> [email protected] >> >>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >>>>>>>>> >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> -- >> >>>>>>>> Regards, >> >>>>>>>> >> >>>>>>>> Tharindu >> >>>>>>>> >> >>>>>>>> blog: http://mackiemathew.com/ >> >>>>>>>> M: +94777759908 >> >>>>>>>> >> >>>>>>>> >> >>>>>>>> _______________________________________________ >> >>>>>>>> Architecture mailing list >> >>>>>>>> [email protected] >> >>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >>>>>>>> >> >>>>>>> >> >>>>>> >> >>>>>> >> >>>>>> >> >>>>>> -- >> >>>>>> Regards, >> >>>>>> >> >>>>>> Tharindu >> >>>>>> >> >>>>>> blog: http://mackiemathew.com/ >> >>>>>> M: +94777759908 >> >>>>>> >> >>>>>> >> >>>>>> _______________________________________________ >> >>>>>> Dev mailing list >> >>>>>> [email protected] >> >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >>>>>> >> >>>>> >> >>>>> >> >>>>> >> >>>>> -- >> >>>>> Paul Fremantle >> >>>>> CTO and Co-Founder, WSO2 >> >>>>> OASIS WS-RX TC Co-chair, VP, Apache Synapse >> >>>>> >> >>>>> UK: +44 207 096 0336 >> >>>>> US: +1 646 595 7614 >> >>>>> >> >>>>> blog: http://pzf.fremantle.org >> >>>>> twitter.com/pzfreo >> >>>>> [email protected] >> >>>>> >> >>>>> wso2.com Lean Enterprise Middleware >> >>>>> >> >>>>> Disclaimer: This communication may contain privileged or other >> >>>>> confidential information and is intended exclusively for the >> addressee/s. If >> >>>>> you are not the intended recipient/s, or believe that you may have >> received >> >>>>> this communication in error, please reply to the sender indicating >> that fact >> >>>>> and delete the copy you received and in addition, you should not >> print, >> >>>>> copy, retransmit, disseminate, or otherwise use the information >> contained in >> >>>>> this communication. Internet communications cannot be guaranteed to >> be >> >>>>> timely, secure, error or virus-free. The sender does not accept >> liability >> >>>>> for any errors or omissions. >> >>>>> >> >>>>> >> >>>>> _______________________________________________ >> >>>>> Dev mailing list >> >>>>> [email protected] >> >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >>>>> >> >>>> >> >>>> >> >>>> >> >>>> -- >> >>>> Amila Suriarachchi >> >>>> >> >>>> Software Architect >> >>>> WSO2 Inc. ; http://wso2.com >> >>>> lean . enterprise . middleware >> >>>> >> >>>> phone : +94 71 3082805 >> >>>> >> >>>> >> >>>> _______________________________________________ >> >>>> Dev mailing list >> >>>> [email protected] >> >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >>>> >> >>> >> >> >> >> >> >> >> >> -- >> >> Paul Fremantle >> >> CTO and Co-Founder, WSO2 >> >> OASIS WS-RX TC Co-chair, VP, Apache Synapse >> >> >> >> UK: +44 207 096 0336 >> >> US: +1 646 595 7614 >> >> >> >> blog: http://pzf.fremantle.org >> >> twitter.com/pzfreo >> >> [email protected] >> >> >> >> wso2.com Lean Enterprise Middleware >> >> >> >> Disclaimer: This communication may contain privileged or other >> >> confidential information and is intended exclusively for the >> addressee/s. If >> >> you are not the intended recipient/s, or believe that you may have >> received >> >> this communication in error, please reply to the sender indicating >> that fact >> >> and delete the copy you received and in addition, you should not print, >> >> copy, retransmit, disseminate, or otherwise use the information >> contained in >> >> this communication. Internet communications cannot be guaranteed to be >> >> timely, secure, error or virus-free. The sender does not accept >> liability >> >> for any errors or omissions. >> >> >> >> >> >> _______________________________________________ >> >> Dev mailing list >> >> [email protected] >> >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> >> > >> > >> > >> > -- >> > Regards, >> > >> > Tharindu >> > >> > blog: http://mackiemathew.com/ >> > M: +94777759908 >> > >> > >> > _______________________________________________ >> > Architecture mailing list >> > [email protected] >> > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > >> >> >> >> -- >> ============================ >> Srinath Perera, Ph.D. >> http://www.cs.indiana.edu/~hperera/ >> http://srinathsview.blogspot.com/ >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > > -- > *Amila Suriarachchi* > > Software Architect > WSO2 Inc. ; http://wso2.com > lean . enterprise . middleware > > phone : +94 71 3082805 > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *S. Suhothayan * Software Engineer, Data Technologies Team, *WSO2, Inc. **http://wso2.com <http://wso2.com/>* *lean.enterprise.middleware.* *email: **[email protected]* <[email protected]>* cell: (+94) 779 756 757 blog: **http://suhothayan.blogspot.com/* <http://suhothayan.blogspot.com/>* twitter: **http://twitter.com/suhothayan* <http://twitter.com/suhothayan>* linked-in: **http://lk.linkedin.com/in/suhothayan* * *
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
