Hi Nadeeshaan, Yes, that's a good idea. Will do like that. Thank you so much for your suggestion.
Thanks, Thishani On Mon, Jan 15, 2018 at 9:30 AM, Nadeeshaan Gunasinghe <[email protected]> wrote: > Hi Thishani, > > Yeah, that makes sense. So when trying to save, we will prompt with a > warning and if the user wishes to continue we remove the element and > proceed. WDYT? > > Cheers, > *Nadeeshaan Gunasinghe* > Senior Software Engineer, WSO2 Inc. http://wso2.com > +94770596754 | [email protected] | Skype: nadeeshaan.gunasinghe > <#m_-3873564493008841809_> > <http://www.facebook.com/nadeeshaan.gunasinghe> > <http://lk.linkedin.com/in/nadeeshaan> <http://twitter.com/Nadeeshaan> > <http://nadeeshaan.blogspot.com/> > Get your own email signature > <https://wisestamp.com/email-install?utm_source=promotion&utm_medium=signature&utm_campaign=get_your_own> > > On Mon, Jan 15, 2018 at 9:25 AM, Thishani Lucas <[email protected]> wrote: > >> Hi Nadeeshaan, >> >> That sounds good. If we remove the policy element, the proxy will not be >> marked secure. But shouldn't we tell the user that he's trying to save a >> proxy without enabling the security, when he actually needs security? >> >> Thanks, >> Thishani >> >> On Sun, Jan 14, 2018 at 6:15 PM, Nadeeshaan Gunasinghe < >> [email protected]> wrote: >> >>> Hi Thishani, >>> >>> What if we allow saving the proxy and internally we remove the policy >>> element? >>> >>> Cheers, >>> >>> *Nadeeshaan Gunasinghe* >>> Senior Software Engineer, WSO2 Inc. http://wso2.com >>> +94770596754 | [email protected] | Skype: nadeeshaan.gunasinghe >>> <#m_-3873564493008841809_m_-6585691684464879059_m_3251148601859864474_> >>> <http://www.facebook.com/nadeeshaan.gunasinghe> >>> <http://lk.linkedin.com/in/nadeeshaan> <http://twitter.com/Nadeeshaan> >>> <http://nadeeshaan.blogspot.com/> >>> Get your own email signature >>> <https://wisestamp.com/email-install?utm_source=promotion&utm_medium=signature&utm_campaign=get_your_own> >>> >>> On Fri, Jan 12, 2018 at 12:37 PM, Thishani Lucas <[email protected]> >>> wrote: >>> >>>> Hi All, >>>> >>>> According to the issue [1], when deploying a proxy in the EI with a >>>> policy key defined and without the 'enableSec' element, the proxy is >>>> getting deployed. When accessing even the http endpoint, we need to give >>>> authorization details. When I reproduced this scenario, I had certain >>>> observations. >>>> >>>> - Even though security is disabled, the proxy is marked as secure. >>>> - To access the proxy, we need to give authorization details. But >>>> the access is not controlled by the given policy file. >>>> - We could access the proxy even with incorrect username and >>>> password. >>>> >>>> To overcome this issue, the obvious solution is to disable the saving >>>> of proxy with the policy key when security is disabled. >>>> >>>> Please provide your suggestions. >>>> >>>> [1] https://wso2.org/jira/browse/ESBJAVA-4459 >>>> >>>> Thanks, >>>> Thishani >>>> >>>> -- >>>> Regards, >>>> >>>> *Thishani Lucas* >>>> *Software Engineer* >>>> *WSO2 Lanka (Private) Limited**: http://wso2.com <http://wso2.com/>* >>>> *lean.enterprise.middle-ware* >>>> >>>> *Tel: +94 77 2556931 <+94%2077%20255%206931> * >>>> >>>> *LinkedIn: https://www.linkedin.com/in/thishani-lucas/ >>>> <https://www.linkedin.com/in/thishani-lucas/>* >>>> >>>> <http://wso2.com/signature> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >> >> >> -- >> Regards, >> >> *Thishani Lucas* >> *Software Engineer* >> *WSO2 Lanka (Private) Limited**: http://wso2.com <http://wso2.com/>* >> *lean.enterprise.middle-ware* >> >> *Tel: +94 77 2556931 <+94%2077%20255%206931> * >> >> *LinkedIn: https://www.linkedin.com/in/thishani-lucas/ >> <https://www.linkedin.com/in/thishani-lucas/>* >> >> <http://wso2.com/signature> >> > > -- Regards, *Thishani Lucas* *Software Engineer* *WSO2 Lanka (Private) Limited**: http://wso2.com <http://wso2.com/>* *lean.enterprise.middle-ware* *Tel: +94 77 2556931 * *LinkedIn: https://www.linkedin.com/in/thishani-lucas/ <https://www.linkedin.com/in/thishani-lucas/>* <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
