Re: [Architecture] Having separate keystore (private key) for each token signing in WSO2IS

Hi Asela, On Thu, Apr 20, 2017 at 7:02 PM Asela Pathberiya wrote: > On Thu, Apr 20, 2017 at 6:46 PM, Johann Nallathamby > wrote: > >> >> >> On Thu, Apr 20, 2017 at 3:27 PM, Asela Pathberiya wrote: >> >>> >>> >>> On Tue, Apr 18, 2017 at 11:51

Re: [Architecture] Access token for API testing in Publisher and Store

On 20 April 2017 at 19:19, Joseph Fonseka wrote: > > > On Thu, Apr 20, 2017 at 5:17 PM, Lakmali Baminiwatta > wrote: >> >> >> So here also, the store users are end users of the test application where >> they can invoke any subscribed APIs with a valid token.

Re: [Architecture] Having separate keystore (private key) for each token signing in WSO2IS

On Thu, Apr 20, 2017 at 7:02 PM, Asela Pathberiya wrote: > > > On Thu, Apr 20, 2017 at 6:46 PM, Johann Nallathamby > wrote: > >> >> >> On Thu, Apr 20, 2017 at 3:27 PM, Asela Pathberiya wrote: >> >>> >>> >>> On Tue, Apr 18, 2017 at 11:51 AM,

Re: [Architecture] Access token for API testing in Publisher and Store

On Thu, Apr 20, 2017 at 5:17 PM, Lakmali Baminiwatta wrote: > > > So here also, the store users are end users of the test application where > they can invoke any subscribed APIs with a valid token. Given that we will > set proper throttling limits as well, I think its not a

Re: [Architecture] Having separate keystore (private key) for each token signing in WSO2IS

On Thu, Apr 20, 2017 at 6:46 PM, Johann Nallathamby wrote: > > > On Thu, Apr 20, 2017 at 3:27 PM, Asela Pathberiya wrote: > >> >> >> On Tue, Apr 18, 2017 at 11:51 AM, Asela Pathberiya >> wrote: >> >>> >>> >>> On Mon, Apr 17, 2017 at 12:00 PM,

Re: [Architecture] Having separate keystore (private key) for each token signing in WSO2IS

On Thu, Apr 20, 2017 at 3:27 PM, Asela Pathberiya wrote: > > > On Tue, Apr 18, 2017 at 11:51 AM, Asela Pathberiya wrote: > >> >> >> On Mon, Apr 17, 2017 at 12:00 PM, Godwin Shrimal wrote: >> >>> +1 to have separate keystores for secure vault &

Re: [Architecture] [C5] [APIM] Frnot End scope validation

Hi Ishara, Please see my comments inline. On Thu, Apr 20, 2017 at 11:08 AM, Ishara Cooray wrote: > Hi, > > Previous versions(Before C5) of APIM Publisher, Store Apps front end > validations were done based on user roles. > > But with C5 we think of fine graining User

Re: [Architecture] [APIM] [C5] Single sign on support in API Manager 3.0

On Wed, Apr 5, 2017 at 9:04 AM, Harsha Thirimanna wrote: > > > On Apr 1, 2017 10:37 PM, "Farasath Ahamed" wrote: > > > > > > On Sat, Apr 1, 2017 at 11:27 AM, Bhathiya Jayasekara > wrote: > >> >> >> On Sat, Apr 1, 2017 at 1:39 AM,

Re: [Architecture] Having separate keystore (private key) for each token signing in WSO2IS

On Tue, Apr 18, 2017 at 11:51 AM, Asela Pathberiya wrote: > > > On Mon, Apr 17, 2017 at 12:00 PM, Godwin Shrimal wrote: > >> +1 to have separate keystores for secure vault & token signing. Any >> reason/use case to have separate kesytores for each token signing

Re: [Architecture] [C5] [APIM] Frnot End scope validation

On Thu, Apr 20, 2017 at 11:08 AM, Ishara Cooray wrote: > Hi, > > Previous versions(Before C5) of APIM Publisher, Store Apps front end > validations were done based on user roles. > > But with C5 we think of fine graining User Interfaces by controlling > access to UI components