Sorry, I didn’t quite get it. Does it mean that we have to use a formatter to do the conversion from JSON to XML, and then from XML to JSON back to browser client?
From: KasunG Gajasinghe [mailto:[email protected]] Sent: Tuesday, September 13, 2016 9:29 PM To: wenxzhen Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server On Tue, Sep 13, 2016 at 5:51 PM, wenxzhen <[email protected]> wrote: The CarbonTomcatRealm is good to do the Authentication, sorry to miss that the Applications need to create their own Users, Roles and etc. Therefore we do need a Service endpoint for User Management or we need to provide a common library. Furthermore, the Client Web applications provides the JSON messages in HTTP/HTTPs to AS, How to workaround this requirement? I've used the AuthenticationAdmin with XML. See the following curl request. I figured out the message format by looking at the 'login' operation of the WSDL [3]. curl -vk https://localhost:9443/services/AuthenticationAdmin/login -d "<ns:loginRequest xmlns:ns='http://authentication.services.core.carbon.wso2.org'><username>admin</username><password>admin</password><remoteAddress></remoteAddress></ns:loginRequest>" --header 'Content-Type: application/xml' User management can be done with UserAdmin service which is mentioned in the same link I sent before. [3] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.authenticator.proxy/src/main/resources/AuthenticationAdmin.wsdl#L192 Thanks, Wenxing From: KasunG Gajasinghe [mailto:[email protected]] Sent: Tuesday, September 13, 2016 7:59 PM To: wenxzhen Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server Hi wenxzhen, User management is one of the strong suites of the WSO2 platform. For web applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that can authenticate web applications. This transparently works with web.xml security-constraints for "container managed security" of Tomcat. But if you do require a more flexible way to handle authentication and authorization, then you can use the AuthenticationAdmin endpoint. This is not a REST API though, it is based on SOAP. Checkout the doc [2] for more info on this. If you are interested in this route, we can discuss how to workaround the SOAP requirements though! [1] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/realms/CarbonTomcatRealm.java [2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services Regards, KasunG On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen <[email protected]> wrote: Yes, in some extent, we need to use the SSO but we need more: 1. We have App1 for CustomerA 2. We have another App2 for CustomerB 3. Both App1 and App2 are Web applications running on WSO2 AS, and both Apps needs to do the authorization and authentication 4. What would be the best practice to re-use the codes? I am thinking to wrap the User Management into a REST/JSON API, so that both App1 and App2 can access and JSON would be much more light weight Please kindly advice Thanks, Wenxing From: Thusitha Thilina Dayaratne [mailto:[email protected]] Sent: Tuesday, September 13, 2016 7:28 PM To: wenxzhen Cc: WSO2 Developers' List Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server Hi Wenxing, Can you use the SingleSignOn for your requirment[1]? [1] - <https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications> https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications Thanks On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen <[email protected]> wrote: Thanks to Rasika. We are using AS530. From the description of docs[2], it seems the Services in Jar file are being executed on the AXIS2 engine, therefore it should be in SOAP message. As we may have different/multiple SaaS applications, every application needs to do the authorization and authentication against the user management tables. Does the Carbon or AS by default provides a REST API to do the work? Or can we provide a REST/JSON API for the user management to simplify the work or reuse the codes? Any potential issue we may meet on the way to go? Thanks again, Best, Wenxing From: Rasika Perera [mailto:[email protected]] Sent: Tuesday, September 13, 2016 6:29 PM To: 郑文兴 Cc: WSO2 Developers' List Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server Hi Wenxing, Please refer docs [1] and [2] for Services/Applications deployment. WSO2 Applications Server deploys the web applications on an internal embedded Tomcat server. Hence, apps are served through tomcats threads pool. You can find more higher level architecture of WSO2 AS on doc link[3]. Let us know which version you are using If you need further details. Thanks, Rasika [1] https://docs.wso2.com/display/AS530/Application+Development+and+Deployment [2] https://docs.wso2.com/display/AS530/Services+Development+and+Deployment [3] https://docs.wso2.com/display/AS530/Architecture On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴 <[email protected]> wrote: Dear all, During the running of the WSO2 AS, how will the Services/Applications be run or scheduled on the Application Server? Are they running on different processes or threads? Please shed some light and share more details on the architecture. Appreciated for your kindly help. Best, Wenxing _______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev -- With Regards, Rasika Perera Software Engineer LinkedIn: http://lk.linkedin.com/in/rasika90 <https://wso2.com/signature> wso2-signature-general.png WSO2 Inc. <http://www.wso2.com/> www.wso2.com lean.enterprise.middleware _______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thusitha Dayaratne Software Engineer WSO2 Inc. - lean . enterprise . middleware | <http://wso2.com/> wso2.com Mobile +94712756809 <tel:%2B94712756809> Blog alokayasoya.blogspot.com About http://about.me/thusithathilina <http://wso2.com/signature> _______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev -- Kasun Gajasinghe Associate Technical Lead, WSO2 Inc. email: kasung AT spamfree wso2.com linked-in: http://lk.linkedin.com/in/gajasinghe blog: http://kasunbg.org -- Kasun Gajasinghe Associate Technical Lead, WSO2 Inc. email: kasung AT spamfree wso2.com linked-in: http://lk.linkedin.com/in/gajasinghe blog: http://kasunbg.org
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
