On Tue, May 15, 2012 at 11:28 AM, Srinath Perera <[email protected]> wrote:
> have two constructors .. for two scenarios
>
> If so will this do ?
DataPublisher dataPublisher1 = new
*SecureDataPublisher*("tcp://localhost:7613",
"admin", "admin");
DataPublisher dataPublisher2 = new
*DataPublisher*("tcp://localhost:7612","tcp://localhost:7613",
"admin", "admin");
or we prefer
DataPublisher dataPublisher = new
DataPublisher("tcp://localhost:7612","tcp://localhost:7613", "admin",
"admin", *true/false*);
Thanks
Suho
--Srinath
>
>
> On Tue, May 15, 2012 at 11:22 AM, Suhothayan Sriskandarajah <[email protected]
> > wrote:
>
>>
>>
>> On Tue, May 15, 2012 at 11:04 AM, Paul Fremantle <[email protected]> wrote:
>>
>>> Arg.
>>>
>>> I really think this is wrong. The API should not include
>>> secure/non-secure. The connection should manage that.
>>>
>>> yes we can discuss on the API and improve.
>>
>> Since in both cases Agent needs to login to the server, hence the users
>> need to provide both TSL and the Normal port
>> when instantiating the Agent, as follows ;
>>
>> DataPublisher dataPublisher = new
>> DataPublisher("tcp://localhost:7612","tcp://localhost:7613", "admin",
>> "admin");
>>
>> Can you please suggest a proper syntax to indicate that this Data
>> Publisher is a secure one or a normal one
>>
>> Thanks
>> Suho
>>
>>
>>> This is correct:
>>>
>>>> The way it works currently is if Agent client connect to the secure
>>>> port the communication will be secure and if not insecure. So we can let
>>>> users to pick the port they need.
>>>
>>>
>>> This is not good:
>>>
>>>> public String secureDefineEventStream(String eventStreamDefinition)
>>>> public String secureFindEventStream(String name, String version)
>>>> public void securePublish(Event event)
>>>
>>>
>>> Paul
>>>
>>> On 15 May 2012 06:24, Suhothayan Sriskandarajah <[email protected]> wrote:
>>>
>>>>
>>>>
>>>> On Tue, May 15, 2012 at 10:17 AM, Amila Suriarachchi <[email protected]>wrote:
>>>>
>>>>>
>>>>>
>>>>> On Tue, May 15, 2012 at 8:40 AM, Srinath Perera <[email protected]>wrote:
>>>>>
>>>>>> I think we should also give #2 in the case for deployments that are
>>>>>> fully inside a firewall, and network is trusted.
>>>>>>
>>>>>
>>>>> The way it works currently is if Agent client connect to the secure
>>>>> port the communication will be secure and if not insecure. So we can let
>>>>> users to pick the port they need.
>>>>>
>>>>
>>>> With the update to the Agent Component now the users can decide how
>>>> they want to communicate, securely or insecurely
>>>> I think we need a code review on this.
>>>>
>>>> The current DataPublisher API looks like follows;
>>>>
>>>> public String defineEventStream(String eventStreamDefinition)
>>>> public String findEventStream(String name, String version)
>>>> public void publish(Event event)
>>>>
>>>> public String secureDefineEventStream(String eventStreamDefinition)
>>>> public String secureFindEventStream(String name, String version)
>>>> public void securePublish(Event event)
>>>>
>>>>
>>>> Here the user can decide how they want to send data and in addition
>>>> here both
>>>> secure and the normal mode can inter-operate.
>>>>
>>>> Thanks
>>>> Suho
>>>>
>>>>
>>>>> thanks,
>>>>> Amila.
>>>>>
>>>>>
>>>>>>
>>>>>> --Srinath
>>>>>>
>>>>>> On Mon, May 14, 2012 at 10:00 PM, Tharindu Mathew <[email protected]>
>>>>>> wrote:
>>>>>> > If performance is a concern, I suggest we provide two options:
>>>>>> >
>>>>>> > 1. Do all communication under HTTPS (TLS if possible)
>>>>>> >
>>>>>> > 2. Do communication after the Authentication step using the Thrift
>>>>>> native
>>>>>> > transport.
>>>>>> >
>>>>>> > #2 will show the true speed of thrift. #1 can be done when
>>>>>> information is
>>>>>> > sensitive, and performance is not the most important factor.
>>>>>> >
>>>>>> >
>>>>>> > On Mon, May 14, 2012 at 7:16 PM, Paul Fremantle <[email protected]>
>>>>>> wrote:
>>>>>> >>
>>>>>> >> I thought we agreed to use Thrift over TLS for all BAM events? I
>>>>>> don't see
>>>>>> >> how we can avoid that - this is secure, sensitive data. I don't
>>>>>> believe the
>>>>>> >> overhead will be too bad.
>>>>>> >>
>>>>>> >> There's a nice blog on it too :-)
>>>>>> >>
>>>>>> http://chamibuddhika.wordpress.com/2011/10/03/securing-a-thrift-service/
>>>>>> >>
>>>>>> >> Paul
>>>>>> >>
>>>>>> >>
>>>>>> >> On 14 May 2012 14:06, Maninda Edirisooriya <[email protected]>
>>>>>> wrote:
>>>>>> >>>
>>>>>> >>> Yes. Your point is clear. I will do it only with IP and port of
>>>>>> the
>>>>>> >>> thrift server as you mentioned. But as we have talked off line
>>>>>> there is a
>>>>>> >>> large security hole there. Due to performance requirements we
>>>>>> cannot
>>>>>> >>> implement Thrift over a secure channel. A passive attacker can
>>>>>> eavesdrop and
>>>>>> >>> and active attacker can modify the content transmitted to the
>>>>>> Thrift server
>>>>>> >>> as the content is not encrypted or signed.
>>>>>> >>>
>>>>>> >>>
>>>>>> >>> On Fri, May 11, 2012 at 7:17 PM, Amila Suriarachchi <
>>>>>> [email protected]>
>>>>>> >>> wrote:
>>>>>> >>>>
>>>>>> >>>>
>>>>>> >>>>
>>>>>> >>>> On Fri, May 11, 2012 at 5:17 PM, Paul Fremantle <[email protected]>
>>>>>> wrote:
>>>>>> >>>>>
>>>>>> >>>>> Wouldn't it be better to have the username/password, connection
>>>>>> >>>>> properties stored elsewhere under a logical name (BAM Server)
>>>>>> and the
>>>>>> >>>>> mediator config to choose:
>>>>>> >>>>> 1) which BAM server (i.e. which logical set, with a default)
>>>>>> >>>>> 2) what to log (e.g. just standard stuff - response time etc)
>>>>>> or whole
>>>>>> >>>>> message or specific properties
>>>>>> >>>>>
>>>>>> >>>>> It doesn't seem right that I might add one BAM server and have
>>>>>> to
>>>>>> >>>>> define the URL, uid/pw in every flow.
>>>>>> >>>>
>>>>>> >>>>
>>>>>> >>>> +1. you can use the same concept we have used in CEP to define
>>>>>> brokers
>>>>>> >>>> and refer them in the bucket configurations.
>>>>>> >>>>
>>>>>> >>>> In the configuration,
>>>>>> >>>>
>>>>>> >>>> there is a Agent server URL and another port. This communication
>>>>>> >>>> actually happens through thrift so you may not need a https
>>>>>> address there. I
>>>>>> >>>> think the only thing you need to have is Agent Host and port.
>>>>>> >>>>
>>>>>> >>>> thanks,
>>>>>> >>>> Amila.
>>>>>> >>>>
>>>>>> >>>>>
>>>>>> >>>>> Paul
>>>>>> >>>>>
>>>>>> >>>>> On 11 May 2012 12:36, Tharindu Mathew <[email protected]>
>>>>>> wrote:
>>>>>> >>>>>>
>>>>>> >>>>>> Let's think about re-using the Activity Mediation BE as well...
>>>>>> >>>>>> Someone may prefer to configure this and re-use in the
>>>>>> mediator.
>>>>>> >>>>>>
>>>>>> >>>>>>
>>>>>> >>>>>> On Fri, May 11, 2012 at 12:41 PM, Maninda Edirisooriya
>>>>>> >>>>>> <[email protected]> wrote:
>>>>>> >>>>>>>
>>>>>> >>>>>>> Here it is. Properties are not shown here but expect to
>>>>>> include that
>>>>>> >>>>>>> as a table as in the existing class mediator.
>>>>>> >>>>>>> Feedbacks are welcome.
>>>>>> >>>>>>>
>>>>>> >>>>>>>
>>>>>> >>>>>>> On Thu, May 10, 2012 at 9:43 PM, Tharindu Mathew <
>>>>>> [email protected]>
>>>>>> >>>>>>> wrote:
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> Can you include a screen shot of how it looks through the
>>>>>> Mediator
>>>>>> >>>>>>>> UI?
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> On Thu, May 10, 2012 at 7:23 PM, Maninda Edirisooriya
>>>>>> >>>>>>>> <[email protected]> wrote:
>>>>>> >>>>>>>>>
>>>>>> >>>>>>>>> I am implementing a built in mediator for ESB as mediation
>>>>>> data
>>>>>> >>>>>>>>> agent for BAM. Already we have an existing class mediator
>>>>>> for bam but this
>>>>>> >>>>>>>>> new BAM mediator will be a first class citizen in ESB which
>>>>>> will enable the
>>>>>> >>>>>>>>> user to simply click and add the BAM mediator to the
>>>>>> mediator sequence.
>>>>>> >>>>>>>>> At the moment we have added a sketch of the code to
>>>>>> >>>>>>>>>
>>>>>> https://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/mediators/bam/
>>>>>> >>>>>>>>> . It is still not added to the main build. We have planned
>>>>>> to add this to
>>>>>> >>>>>>>>> the build after reviewing the code.
>>>>>> >>>>>>>>> Basic architecture is given in
>>>>>> >>>>>>>>>
>>>>>> https://docs.google.com/a/wso2.com/document/d/1axpgrWv1bLCT_B-2U567LAIJO2ydO9-ckitjAXmYG8Q/edit
>>>>>> >>>>>>>>>
>>>>>> >>>>>>>>> _______________________________________________
>>>>>> >>>>>>>>> Architecture mailing list
>>>>>> >>>>>>>>> [email protected]
>>>>>> >>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>>>> >>>>>>>>>
>>>>>> >>>>>>>>
>>>>>> >>>>>>>>
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> --
>>>>>> >>>>>>>> Regards,
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> Tharindu
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> blog: http://mackiemathew.com/
>>>>>> >>>>>>>> M: +94777759908
>>>>>> >>>>>>>>
>>>>>> >>>>>>>>
>>>>>> >>>>>>>> _______________________________________________
>>>>>> >>>>>>>> Architecture mailing list
>>>>>> >>>>>>>> [email protected]
>>>>>> >>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>>>> >>>>>>>>
>>>>>> >>>>>>>
>>>>>> >>>>>>
>>>>>> >>>>>>
>>>>>> >>>>>>
>>>>>> >>>>>> --
>>>>>> >>>>>> Regards,
>>>>>> >>>>>>
>>>>>> >>>>>> Tharindu
>>>>>> >>>>>>
>>>>>> >>>>>> blog: http://mackiemathew.com/
>>>>>> >>>>>> M: +94777759908
>>>>>> >>>>>>
>>>>>> >>>>>>
>>>>>> >>>>>> _______________________________________________
>>>>>> >>>>>> Dev mailing list
>>>>>> >>>>>> [email protected]
>>>>>> >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>> >>>>>>
>>>>>> >>>>>
>>>>>> >>>>>
>>>>>> >>>>>
>>>>>> >>>>> --
>>>>>> >>>>> Paul Fremantle
>>>>>> >>>>> CTO and Co-Founder, WSO2
>>>>>> >>>>> OASIS WS-RX TC Co-chair, VP, Apache Synapse
>>>>>> >>>>>
>>>>>> >>>>> UK: +44 207 096 0336
>>>>>> >>>>> US: +1 646 595 7614
>>>>>> >>>>>
>>>>>> >>>>> blog: http://pzf.fremantle.org
>>>>>> >>>>> twitter.com/pzfreo
>>>>>> >>>>> [email protected]
>>>>>> >>>>>
>>>>>> >>>>> wso2.com Lean Enterprise Middleware
>>>>>> >>>>>
>>>>>> >>>>> Disclaimer: This communication may contain privileged or other
>>>>>> >>>>> confidential information and is intended exclusively for the
>>>>>> addressee/s. If
>>>>>> >>>>> you are not the intended recipient/s, or believe that you may
>>>>>> have received
>>>>>> >>>>> this communication in error, please reply to the sender
>>>>>> indicating that fact
>>>>>> >>>>> and delete the copy you received and in addition, you should
>>>>>> not print,
>>>>>> >>>>> copy, retransmit, disseminate, or otherwise use the information
>>>>>> contained in
>>>>>> >>>>> this communication. Internet communications cannot be
>>>>>> guaranteed to be
>>>>>> >>>>> timely, secure, error or virus-free. The sender does not accept
>>>>>> liability
>>>>>> >>>>> for any errors or omissions.
>>>>>> >>>>>
>>>>>> >>>>>
>>>>>> >>>>> _______________________________________________
>>>>>> >>>>> Dev mailing list
>>>>>> >>>>> [email protected]
>>>>>> >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>> >>>>>
>>>>>> >>>>
>>>>>> >>>>
>>>>>> >>>>
>>>>>> >>>> --
>>>>>> >>>> Amila Suriarachchi
>>>>>> >>>>
>>>>>> >>>> Software Architect
>>>>>> >>>> WSO2 Inc. ; http://wso2.com
>>>>>> >>>> lean . enterprise . middleware
>>>>>> >>>>
>>>>>> >>>> phone : +94 71 3082805
>>>>>> >>>>
>>>>>> >>>>
>>>>>> >>>> _______________________________________________
>>>>>> >>>> Dev mailing list
>>>>>> >>>> [email protected]
>>>>>> >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>> >>>>
>>>>>> >>>
>>>>>> >>
>>>>>> >>
>>>>>> >>
>>>>>> >> --
>>>>>> >> Paul Fremantle
>>>>>> >> CTO and Co-Founder, WSO2
>>>>>> >> OASIS WS-RX TC Co-chair, VP, Apache Synapse
>>>>>> >>
>>>>>> >> UK: +44 207 096 0336
>>>>>> >> US: +1 646 595 7614
>>>>>> >>
>>>>>> >> blog: http://pzf.fremantle.org
>>>>>> >> twitter.com/pzfreo
>>>>>> >> [email protected]
>>>>>> >>
>>>>>> >> wso2.com Lean Enterprise Middleware
>>>>>> >>
>>>>>> >> Disclaimer: This communication may contain privileged or other
>>>>>> >> confidential information and is intended exclusively for the
>>>>>> addressee/s. If
>>>>>> >> you are not the intended recipient/s, or believe that you may have
>>>>>> received
>>>>>> >> this communication in error, please reply to the sender indicating
>>>>>> that fact
>>>>>> >> and delete the copy you received and in addition, you should not
>>>>>> print,
>>>>>> >> copy, retransmit, disseminate, or otherwise use the information
>>>>>> contained in
>>>>>> >> this communication. Internet communications cannot be guaranteed
>>>>>> to be
>>>>>> >> timely, secure, error or virus-free. The sender does not accept
>>>>>> liability
>>>>>> >> for any errors or omissions.
>>>>>> >>
>>>>>> >>
>>>>>> >> _______________________________________________
>>>>>> >> Dev mailing list
>>>>>> >> [email protected]
>>>>>> >> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>> >>
>>>>>> >
>>>>>> >
>>>>>> >
>>>>>> > --
>>>>>> > Regards,
>>>>>> >
>>>>>> > Tharindu
>>>>>> >
>>>>>> > blog: http://mackiemathew.com/
>>>>>> > M: +94777759908
>>>>>> >
>>>>>> >
>>>>>> > _______________________________________________
>>>>>> > Architecture mailing list
>>>>>> > [email protected]
>>>>>> > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>>>> >
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> ============================
>>>>>> Srinath Perera, Ph.D.
>>>>>> http://www.cs.indiana.edu/~hperera/
>>>>>> http://srinathsview.blogspot.com/
>>>>>> _______________________________________________
>>>>>> Architecture mailing list
>>>>>> [email protected]
>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Amila Suriarachchi*
>>>>>
>>>>> Software Architect
>>>>> WSO2 Inc. ; http://wso2.com
>>>>> lean . enterprise . middleware
>>>>>
>>>>> phone : +94 71 3082805
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Architecture mailing list
>>>>> [email protected]
>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> *S. Suhothayan
>>>> *
>>>> Software Engineer,
>>>> Data Technologies Team,
>>>> *WSO2, Inc. **http://wso2.com
>>>> <http://wso2.com/>*
>>>> *lean.enterprise.middleware.*
>>>>
>>>> *email: **[email protected]* <[email protected]>* cell: (+94) 779 756 757
>>>> blog: **http://suhothayan.blogspot.com/*<http://suhothayan.blogspot.com/>
>>>> *
>>>> twitter: **http://twitter.com/suhothayan*<http://twitter.com/suhothayan>
>>>> *
>>>> linked-in: **http://lk.linkedin.com/in/suhothayan*
>>>> *
>>>> *
>>>>
>>>>
>>>> _______________________________________________
>>>> Dev mailing list
>>>> [email protected]
>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>
>>>>
>>>
>>>
>>> --
>>> Paul Fremantle
>>> CTO and Co-Founder, WSO2
>>> OASIS WS-RX TC Co-chair, VP, Apache Synapse
>>>
>>> UK: +44 207 096 0336
>>> US: +1 646 595 7614
>>>
>>> blog: http://pzf.fremantle.org
>>> twitter.com/pzfreo
>>> [email protected]
>>>
>>> wso2.com Lean Enterprise Middleware
>>>
>>> Disclaimer: This communication may contain privileged or other
>>> confidential information and is intended exclusively for the addressee/s.
>>> If you are not the intended recipient/s, or believe that you may have
>>> received this communication in error, please reply to the sender indicating
>>> that fact and delete the copy you received and in addition, you should not
>>> print, copy, retransmit, disseminate, or otherwise use the information
>>> contained in this communication. Internet communications cannot be
>>> guaranteed to be timely, secure, error or virus-free. The sender does not
>>> accept liability for any errors or omissions.
>>>
>>>
>>
>>
>> --
>> *S. Suhothayan
>> *
>> Software Engineer,
>> Data Technologies Team,
>> *WSO2, Inc. **http://wso2.com
>> <http://wso2.com/>*
>> *lean.enterprise.middleware.*
>>
>> *email: **[email protected]* <[email protected]>* cell: (+94) 779 756 757
>> blog: **http://suhothayan.blogspot.com/*<http://suhothayan.blogspot.com/>
>> *
>> twitter: **http://twitter.com/suhothayan* <http://twitter.com/suhothayan>
>> *
>> linked-in: **http://lk.linkedin.com/in/suhothayan*
>> *
>> *
>>
>>
>> _______________________________________________
>> Architecture mailing list
>> [email protected]
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> ============================
> Srinath Perera, Ph.D.
> Senior Software Architect, WSO2 Inc.
> Visiting Faculty, University of Moratuwa
> Member, Apache Software Foundation
> Research Scientist, Lanka Software Foundation
> Blog: http://srinathsview.blogspot.com/
> Photos: http://www.flickr.com/photos/hemapani/
> Phone: 0772360902
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>
--
*S. Suhothayan
*
Software Engineer,
Data Technologies Team,
*WSO2, Inc. **http://wso2.com
<http://wso2.com/>*
*lean.enterprise.middleware.*
*email: **[email protected]* <[email protected]>* cell: (+94) 779 756 757
blog: **http://suhothayan.blogspot.com/* <http://suhothayan.blogspot.com/>*
twitter: **http://twitter.com/suhothayan* <http://twitter.com/suhothayan>*
linked-in: **http://lk.linkedin.com/in/suhothayan*
*
*
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
