On Sun, Jul 27, 2014 at 11:56 PM, Dinusha Senanayaka <[email protected]> wrote:
> > > > On Mon, Jul 28, 2014 at 11:44 AM, Nirodha Pramod <[email protected]> wrote: > >> Hi Sanjeewa, >> >> Ain't it a wrong design? IMO if the APPLICATION TOKEN is generated in >> the KeyManager node (which you configure the server url in the store), then >> it should read the validity period from the key manager node itself at the >> time of token generation. I dont understand why it reads the validity >> period from store node's configuration and then generate the token in >> keymanager node. Configuring all the nodes in the same way is not a good >> solution. >> > > Once the store/key-maanger nodes are separated, we could not read the > identity.xml of key-manager from the store using file system. To do that, > we need to expose a service that could read the identity.xml properties. > But this complicate the implementation and introduce additional service > call in the store load. So defining it in store is ok IMO. > +1. > > Regards, > Dinusha. > >> >> thanks, >> Nirodha >> >> >> On Mon, Jul 28, 2014 at 11:35 AM, Sanjeewa Malalgoda <[email protected]> >> wrote: >> >>> The reason for this issue is, in API store when we generate token >>> default validity time will pick from store nodes config file. Then you will >>> see store nodes validity period(configured in identity.xml) in token >>> validity period box. But if you send token generation request(user access >>> token) to key manager through gateway then it will eventually hit key >>> manager. Then validity period in key manager will effect. There is no >>> logical reason for this. We need to add this configuration to all nodes in >>> same way. >>> >>> Thanks, >>> sanjeewa. >>> >>> >>> On Sun, Jul 27, 2014 at 10:56 PM, Asanthi Kulasinghe <[email protected]> >>> wrote: >>> >>>> Hi, >>>> >>>> We have observed that the token expiration times in a API-Manager >>>> Clustered set up for token types Application access token and User access >>>> token, are taken from the values set in 2 different nodes. >>>> >>>> ie: >>>> <ApplicationAccessTokenDefaultValidityPeriod> value of the Store >>>> node's identity.xml is considered for Application access token expiration >>>> time. >>>> <UserAccessTokenDefaultValidityPeriod> value of the Key Manager node's >>>> identity.xml is considered for the User access token expiration time. >>>> >>>> Is there a logical reason behind this or should the values set in Key >>>> Manager node be considered for both token types? >>>> >>>> Regards >>>> *Asanthi Kulasinghe* >>>> WSO2 Inc; http://www.wso2.com/. >>>> Mobile: +94777355522 >>>> >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> >>> *Sanjeewa Malalgoda* >>> WSO2 Inc. >>> Mobile : +94713068779 >>> >>> <http://sanjeewamalalgoda.blogspot.com/>blog >>> :http://sanjeewamalalgoda.blogspot.com/ >>> <http://sanjeewamalalgoda.blogspot.com/> >>> >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> *Nirodha Gallage* >> Senior Software Engineer, QA. >> WSO2 Inc.: http://wso2.com/ >> Mobile: +94716429078 >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Dinusha Dilrukshi > Senior Software Engineer > WSO2 Inc.: http://wso2.com/ > Mobile: +94725255071 > Blog: http://dinushasblog.blogspot.com/ > -- *Sanjeewa Malalgoda* WSO2 Inc. Mobile : +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/ <http://sanjeewamalalgoda.blogspot.com/>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
