have two constructors .. for two scenarios --Srinath
On Tue, May 15, 2012 at 11:22 AM, Suhothayan Sriskandarajah <[email protected]>wrote: > > > On Tue, May 15, 2012 at 11:04 AM, Paul Fremantle <[email protected]> wrote: > >> Arg. >> >> I really think this is wrong. The API should not include >> secure/non-secure. The connection should manage that. >> >> yes we can discuss on the API and improve. > > Since in both cases Agent needs to login to the server, hence the users > need to provide both TSL and the Normal port > when instantiating the Agent, as follows ; > > DataPublisher dataPublisher = new > DataPublisher("tcp://localhost:7612","tcp://localhost:7613", "admin", > "admin"); > > Can you please suggest a proper syntax to indicate that this Data > Publisher is a secure one or a normal one > > Thanks > Suho > > >> This is correct: >> >>> The way it works currently is if Agent client connect to the secure port >>> the communication will be secure and if not insecure. So we can let users >>> to pick the port they need. >> >> >> This is not good: >> >>> public String secureDefineEventStream(String eventStreamDefinition) >>> public String secureFindEventStream(String name, String version) >>> public void securePublish(Event event) >> >> >> Paul >> >> On 15 May 2012 06:24, Suhothayan Sriskandarajah <[email protected]> wrote: >> >>> >>> >>> On Tue, May 15, 2012 at 10:17 AM, Amila Suriarachchi <[email protected]>wrote: >>> >>>> >>>> >>>> On Tue, May 15, 2012 at 8:40 AM, Srinath Perera <[email protected]>wrote: >>>> >>>>> I think we should also give #2 in the case for deployments that are >>>>> fully inside a firewall, and network is trusted. >>>>> >>>> >>>> The way it works currently is if Agent client connect to the secure >>>> port the communication will be secure and if not insecure. So we can let >>>> users to pick the port they need. >>>> >>> >>> With the update to the Agent Component now the users can decide how >>> they want to communicate, securely or insecurely >>> I think we need a code review on this. >>> >>> The current DataPublisher API looks like follows; >>> >>> public String defineEventStream(String eventStreamDefinition) >>> public String findEventStream(String name, String version) >>> public void publish(Event event) >>> >>> public String secureDefineEventStream(String eventStreamDefinition) >>> public String secureFindEventStream(String name, String version) >>> public void securePublish(Event event) >>> >>> >>> Here the user can decide how they want to send data and in addition >>> here both >>> secure and the normal mode can inter-operate. >>> >>> Thanks >>> Suho >>> >>> >>>> thanks, >>>> Amila. >>>> >>>> >>>>> >>>>> --Srinath >>>>> >>>>> On Mon, May 14, 2012 at 10:00 PM, Tharindu Mathew <[email protected]> >>>>> wrote: >>>>> > If performance is a concern, I suggest we provide two options: >>>>> > >>>>> > 1. Do all communication under HTTPS (TLS if possible) >>>>> > >>>>> > 2. Do communication after the Authentication step using the Thrift >>>>> native >>>>> > transport. >>>>> > >>>>> > #2 will show the true speed of thrift. #1 can be done when >>>>> information is >>>>> > sensitive, and performance is not the most important factor. >>>>> > >>>>> > >>>>> > On Mon, May 14, 2012 at 7:16 PM, Paul Fremantle <[email protected]> >>>>> wrote: >>>>> >> >>>>> >> I thought we agreed to use Thrift over TLS for all BAM events? I >>>>> don't see >>>>> >> how we can avoid that - this is secure, sensitive data. I don't >>>>> believe the >>>>> >> overhead will be too bad. >>>>> >> >>>>> >> There's a nice blog on it too :-) >>>>> >> >>>>> http://chamibuddhika.wordpress.com/2011/10/03/securing-a-thrift-service/ >>>>> >> >>>>> >> Paul >>>>> >> >>>>> >> >>>>> >> On 14 May 2012 14:06, Maninda Edirisooriya <[email protected]> >>>>> wrote: >>>>> >>> >>>>> >>> Yes. Your point is clear. I will do it only with IP and port of the >>>>> >>> thrift server as you mentioned. But as we have talked off line >>>>> there is a >>>>> >>> large security hole there. Due to performance requirements we >>>>> cannot >>>>> >>> implement Thrift over a secure channel. A passive attacker can >>>>> eavesdrop and >>>>> >>> and active attacker can modify the content transmitted to the >>>>> Thrift server >>>>> >>> as the content is not encrypted or signed. >>>>> >>> >>>>> >>> >>>>> >>> On Fri, May 11, 2012 at 7:17 PM, Amila Suriarachchi < >>>>> [email protected]> >>>>> >>> wrote: >>>>> >>>> >>>>> >>>> >>>>> >>>> >>>>> >>>> On Fri, May 11, 2012 at 5:17 PM, Paul Fremantle <[email protected]> >>>>> wrote: >>>>> >>>>> >>>>> >>>>> Wouldn't it be better to have the username/password, connection >>>>> >>>>> properties stored elsewhere under a logical name (BAM Server) >>>>> and the >>>>> >>>>> mediator config to choose: >>>>> >>>>> 1) which BAM server (i.e. which logical set, with a default) >>>>> >>>>> 2) what to log (e.g. just standard stuff - response time etc) or >>>>> whole >>>>> >>>>> message or specific properties >>>>> >>>>> >>>>> >>>>> It doesn't seem right that I might add one BAM server and have to >>>>> >>>>> define the URL, uid/pw in every flow. >>>>> >>>> >>>>> >>>> >>>>> >>>> +1. you can use the same concept we have used in CEP to define >>>>> brokers >>>>> >>>> and refer them in the bucket configurations. >>>>> >>>> >>>>> >>>> In the configuration, >>>>> >>>> >>>>> >>>> there is a Agent server URL and another port. This communication >>>>> >>>> actually happens through thrift so you may not need a https >>>>> address there. I >>>>> >>>> think the only thing you need to have is Agent Host and port. >>>>> >>>> >>>>> >>>> thanks, >>>>> >>>> Amila. >>>>> >>>> >>>>> >>>>> >>>>> >>>>> Paul >>>>> >>>>> >>>>> >>>>> On 11 May 2012 12:36, Tharindu Mathew <[email protected]> wrote: >>>>> >>>>>> >>>>> >>>>>> Let's think about re-using the Activity Mediation BE as well... >>>>> >>>>>> Someone may prefer to configure this and re-use in the mediator. >>>>> >>>>>> >>>>> >>>>>> >>>>> >>>>>> On Fri, May 11, 2012 at 12:41 PM, Maninda Edirisooriya >>>>> >>>>>> <[email protected]> wrote: >>>>> >>>>>>> >>>>> >>>>>>> Here it is. Properties are not shown here but expect to >>>>> include that >>>>> >>>>>>> as a table as in the existing class mediator. >>>>> >>>>>>> Feedbacks are welcome. >>>>> >>>>>>> >>>>> >>>>>>> >>>>> >>>>>>> On Thu, May 10, 2012 at 9:43 PM, Tharindu Mathew < >>>>> [email protected]> >>>>> >>>>>>> wrote: >>>>> >>>>>>>> >>>>> >>>>>>>> Can you include a screen shot of how it looks through the >>>>> Mediator >>>>> >>>>>>>> UI? >>>>> >>>>>>>> >>>>> >>>>>>>> On Thu, May 10, 2012 at 7:23 PM, Maninda Edirisooriya >>>>> >>>>>>>> <[email protected]> wrote: >>>>> >>>>>>>>> >>>>> >>>>>>>>> I am implementing a built in mediator for ESB as mediation >>>>> data >>>>> >>>>>>>>> agent for BAM. Already we have an existing class mediator >>>>> for bam but this >>>>> >>>>>>>>> new BAM mediator will be a first class citizen in ESB which >>>>> will enable the >>>>> >>>>>>>>> user to simply click and add the BAM mediator to the >>>>> mediator sequence. >>>>> >>>>>>>>> At the moment we have added a sketch of the code to >>>>> >>>>>>>>> >>>>> https://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/mediators/bam/ >>>>> >>>>>>>>> . It is still not added to the main build. We have planned >>>>> to add this to >>>>> >>>>>>>>> the build after reviewing the code. >>>>> >>>>>>>>> Basic architecture is given in >>>>> >>>>>>>>> >>>>> https://docs.google.com/a/wso2.com/document/d/1axpgrWv1bLCT_B-2U567LAIJO2ydO9-ckitjAXmYG8Q/edit >>>>> >>>>>>>>> >>>>> >>>>>>>>> _______________________________________________ >>>>> >>>>>>>>> Architecture mailing list >>>>> >>>>>>>>> [email protected] >>>>> >>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>>>>>> >>>>> >>>>>>>> >>>>> >>>>>>>> >>>>> >>>>>>>> >>>>> >>>>>>>> -- >>>>> >>>>>>>> Regards, >>>>> >>>>>>>> >>>>> >>>>>>>> Tharindu >>>>> >>>>>>>> >>>>> >>>>>>>> blog: http://mackiemathew.com/ >>>>> >>>>>>>> M: +94777759908 >>>>> >>>>>>>> >>>>> >>>>>>>> >>>>> >>>>>>>> _______________________________________________ >>>>> >>>>>>>> Architecture mailing list >>>>> >>>>>>>> [email protected] >>>>> >>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>>>>> >>>>> >>>>>>> >>>>> >>>>>> >>>>> >>>>>> >>>>> >>>>>> >>>>> >>>>>> -- >>>>> >>>>>> Regards, >>>>> >>>>>> >>>>> >>>>>> Tharindu >>>>> >>>>>> >>>>> >>>>>> blog: http://mackiemathew.com/ >>>>> >>>>>> M: +94777759908 >>>>> >>>>>> >>>>> >>>>>> >>>>> >>>>>> _______________________________________________ >>>>> >>>>>> Dev mailing list >>>>> >>>>>> [email protected] >>>>> >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> Paul Fremantle >>>>> >>>>> CTO and Co-Founder, WSO2 >>>>> >>>>> OASIS WS-RX TC Co-chair, VP, Apache Synapse >>>>> >>>>> >>>>> >>>>> UK: +44 207 096 0336 >>>>> >>>>> US: +1 646 595 7614 >>>>> >>>>> >>>>> >>>>> blog: http://pzf.fremantle.org >>>>> >>>>> twitter.com/pzfreo >>>>> >>>>> [email protected] >>>>> >>>>> >>>>> >>>>> wso2.com Lean Enterprise Middleware >>>>> >>>>> >>>>> >>>>> Disclaimer: This communication may contain privileged or other >>>>> >>>>> confidential information and is intended exclusively for the >>>>> addressee/s. If >>>>> >>>>> you are not the intended recipient/s, or believe that you may >>>>> have received >>>>> >>>>> this communication in error, please reply to the sender >>>>> indicating that fact >>>>> >>>>> and delete the copy you received and in addition, you should not >>>>> print, >>>>> >>>>> copy, retransmit, disseminate, or otherwise use the information >>>>> contained in >>>>> >>>>> this communication. Internet communications cannot be guaranteed >>>>> to be >>>>> >>>>> timely, secure, error or virus-free. The sender does not accept >>>>> liability >>>>> >>>>> for any errors or omissions. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> >>>>> Dev mailing list >>>>> >>>>> [email protected] >>>>> >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>>> >>>> >>>>> >>>> >>>>> >>>> >>>>> >>>> -- >>>>> >>>> Amila Suriarachchi >>>>> >>>> >>>>> >>>> Software Architect >>>>> >>>> WSO2 Inc. ; http://wso2.com >>>>> >>>> lean . enterprise . middleware >>>>> >>>> >>>>> >>>> phone : +94 71 3082805 >>>>> >>>> >>>>> >>>> >>>>> >>>> _______________________________________________ >>>>> >>>> Dev mailing list >>>>> >>>> [email protected] >>>>> >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>>> >>> >>>>> >> >>>>> >> >>>>> >> >>>>> >> -- >>>>> >> Paul Fremantle >>>>> >> CTO and Co-Founder, WSO2 >>>>> >> OASIS WS-RX TC Co-chair, VP, Apache Synapse >>>>> >> >>>>> >> UK: +44 207 096 0336 >>>>> >> US: +1 646 595 7614 >>>>> >> >>>>> >> blog: http://pzf.fremantle.org >>>>> >> twitter.com/pzfreo >>>>> >> [email protected] >>>>> >> >>>>> >> wso2.com Lean Enterprise Middleware >>>>> >> >>>>> >> Disclaimer: This communication may contain privileged or other >>>>> >> confidential information and is intended exclusively for the >>>>> addressee/s. If >>>>> >> you are not the intended recipient/s, or believe that you may have >>>>> received >>>>> >> this communication in error, please reply to the sender indicating >>>>> that fact >>>>> >> and delete the copy you received and in addition, you should not >>>>> print, >>>>> >> copy, retransmit, disseminate, or otherwise use the information >>>>> contained in >>>>> >> this communication. Internet communications cannot be guaranteed to >>>>> be >>>>> >> timely, secure, error or virus-free. The sender does not accept >>>>> liability >>>>> >> for any errors or omissions. >>>>> >> >>>>> >> >>>>> >> _______________________________________________ >>>>> >> Dev mailing list >>>>> >> [email protected] >>>>> >> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >> >>>>> > >>>>> > >>>>> > >>>>> > -- >>>>> > Regards, >>>>> > >>>>> > Tharindu >>>>> > >>>>> > blog: http://mackiemathew.com/ >>>>> > M: +94777759908 >>>>> > >>>>> > >>>>> > _______________________________________________ >>>>> > Architecture mailing list >>>>> > [email protected] >>>>> > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> > >>>>> >>>>> >>>>> >>>>> -- >>>>> ============================ >>>>> Srinath Perera, Ph.D. >>>>> http://www.cs.indiana.edu/~hperera/ >>>>> http://srinathsview.blogspot.com/ >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>> >>>> >>>> >>>> -- >>>> *Amila Suriarachchi* >>>> >>>> Software Architect >>>> WSO2 Inc. ; http://wso2.com >>>> lean . enterprise . middleware >>>> >>>> phone : +94 71 3082805 >>>> >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> >>> -- >>> *S. Suhothayan >>> * >>> Software Engineer, >>> Data Technologies Team, >>> *WSO2, Inc. **http://wso2.com >>> <http://wso2.com/>* >>> *lean.enterprise.middleware.* >>> >>> *email: **[email protected]* <[email protected]>* cell: (+94) 779 756 757 >>> blog: **http://suhothayan.blogspot.com/*<http://suhothayan.blogspot.com/> >>> * >>> twitter: **http://twitter.com/suhothayan*<http://twitter.com/suhothayan> >>> * >>> linked-in: **http://lk.linkedin.com/in/suhothayan* >>> * >>> * >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Paul Fremantle >> CTO and Co-Founder, WSO2 >> OASIS WS-RX TC Co-chair, VP, Apache Synapse >> >> UK: +44 207 096 0336 >> US: +1 646 595 7614 >> >> blog: http://pzf.fremantle.org >> twitter.com/pzfreo >> [email protected] >> >> wso2.com Lean Enterprise Middleware >> >> Disclaimer: This communication may contain privileged or other >> confidential information and is intended exclusively for the addressee/s. >> If you are not the intended recipient/s, or believe that you may have >> received this communication in error, please reply to the sender indicating >> that fact and delete the copy you received and in addition, you should not >> print, copy, retransmit, disseminate, or otherwise use the information >> contained in this communication. Internet communications cannot be >> guaranteed to be timely, secure, error or virus-free. The sender does not >> accept liability for any errors or omissions. >> >> > > > -- > *S. Suhothayan > * > Software Engineer, > Data Technologies Team, > *WSO2, Inc. **http://wso2.com > <http://wso2.com/>* > *lean.enterprise.middleware.* > > *email: **[email protected]* <[email protected]>* cell: (+94) 779 756 757 > blog: **http://suhothayan.blogspot.com/* <http://suhothayan.blogspot.com/> > * > twitter: **http://twitter.com/suhothayan* <http://twitter.com/suhothayan>* > linked-in: **http://lk.linkedin.com/in/suhothayan* > * > * > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- ============================ Srinath Perera, Ph.D. Senior Software Architect, WSO2 Inc. Visiting Faculty, University of Moratuwa Member, Apache Software Foundation Research Scientist, Lanka Software Foundation Blog: http://srinathsview.blogspot.com/ Photos: http://www.flickr.com/photos/hemapani/ Phone: 0772360902
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
