Re: [Architecture] [Feature] Storing the application certificate in the database.

Hi Rushmin, Any reason to use SP_APP table to persist the certificate? We have a table called SP_METADATA to SP related metadata. I think we can use that table without changing any DB Schema. WDYT? Thanks Godwin On Fri, Jan 5, 2018 at 1:33 PM, Rushmin Fernando wrote: > > >

Re: [Architecture] [Feature] Storing the application certificate in the database.

On Fri, Jan 5, 2018 at 11:55 AM, Isura Karunaratne wrote: > Hi Rushmin, > > On Fri, Jan 5, 2018 at 11:50 AM, Hasanthi Purnima Dissanayake < > hasan...@wso2.com> wrote: > >> Hi Rushmin, >> >> *How is this done now?* >>> >>> The application certificate should be imported to the

Re: [Architecture] [Feature] Storing the application certificate in the database.

Hi Rushmin, *How is this done now?* > > The application certificate should be imported to the keystore file and > the alias should be mentioned in the service provider so that the service > provider can validate the signature against the certificate identified by > that alias. > If we have the

Re: [Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

Please see [1] to read more about storing the application certificate in the database. [1] - Mail Thread: '[Feature] Storing the application certificate in the database.' On Fri, Jan 5, 2018 at 11:08 AM, Prakhash Sivakumar wrote: > > > On Fri, Jan 5, 2018 at 9:47 AM,

[Architecture] [Feature] Storing the application certificate in the database.

In the identity server, a service provider represents the application which uses the Identity Server as an Identity Provider. In some cases, Identity Server needs to validate the identity of the application to make sure the authentication/authorization requests are coming from the legitimate

Re: [Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

On Fri, Jan 5, 2018 at 9:47 AM, Hasanthi Purnima Dissanayake < hasan...@wso2.com> wrote: > Hi Isura/Omindu, > > Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is >> the reason to store those data? >> > > In the patch that we have provided for 5.3.0 , this table contains >

Re: [Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

On Fri, Jan 5, 2018 at 10:08 AM, Hasintha Indrajee wrote: > > > On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake < > hasan...@wso2.com> wrote: > >> Hi All, >> >> Following tasks are identified for the implementation for the $subject. >> >> 1. Move the logic of

Re: [Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake < hasan...@wso2.com> wrote: > Hi All, > > Following tasks are identified for the implementation for the $subject. > > 1. Move the logic of validating the token API invocation request to > validate required parameters for JWT client

Re: [Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

+Hasintha On Fri, Jan 5, 2018 at 9:47 AM, Hasanthi Purnima Dissanayake < hasan...@wso2.com> wrote: > Hi Isura/Omindu, > > Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is >> the reason to store those data? >> > > In the patch that we have provided for 5.3.0 , this table

Re: [Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

Hi Isura/Omindu, Which data are supposed to store in IDN_JWT_PRIVATE_KEY table? What is the > reason to store those data? > In the patch that we have provided for 5.3.0 , this table contains following fields. JWT_ID (primary key) EXP_TIME TIME_CREATED JWT_ID is an unique identifier for the

Re: [Architecture] WSO2 API Manager 2.1.0-update5 Released !

Hi All, The link above to download the WSO2 APIM 2.1.0-update5 distribution seems to be broken so you can download the distribution from [1]. [1] WSO2 APIM 2.1.0-update5.zip

Re: [Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

Hi Hasanthi, On Thu, Jan 4, 2018 at 4:32 PM, Hasanthi Purnima Dissanayake < hasan...@wso2.com> wrote: > Hi All, > > Following tasks are identified for the implementation for the $subject. > > 1. Move the logic of validating the token API invocation request to > validate required parameters for

[Architecture] WSO2 Identity Server 5.4.0 Update3 Released !!!

The WSO2 Identity and Access Management team is pleased to announce the release of WSO2 Identity Server 5.4.0 Update3. You can build the distribution from the source tag, Runtime: https://github.com/wso2/product-is/releases/tag/v5.4.0-update3 follow the steps given below. *Building from the

Re: [Architecture] Sharing common SPA components within and between product(s)

Hi If we want to share components among projects/teams a natural approach is to create a component library which is a common practice with organizations working with React. But having a component library creates a another set of problems and following medium post [1] has good explanation of them.

[Architecture] WSO2 API Manager 3.0.0-M12 Released!

The WSO2 API Manager team is pleased to announce the release of API Manager 3.0.0-M12. It's now available to download. Distribution - https://github.com/wso2/product-apim/releases/download/v3.0.0-m12/wso2apim-3.0.0-m12.zip -

[Architecture] WSO2 API Manager 2.1.0-update5 Released !

The WSO2 API Manager team is pleased to announce the release of version 2.1.0-update5 of API Manager. WSO2 API Manager is a platform for creating, managing, consuming and monitoring APIs. It employs proven SOA best practices to solve a wide range of API management challenges such as API

Re: [Architecture] Sharing common SPA components within and between product(s)

Hi, We also faced this issue while working on the App manager component for the IOT Server. We had to reuse some of the components in App publisher and Store and this approach (creating a separate npm repository) was the solution we were also thinking. +1 for the idea. Thanks and Regards, Menaka

[Architecture] [IAM] JWT client authentication for OAuth 2.0 for IS 5.5.0

Hi All, Following tasks are identified for the implementation for the $subject. 1. Move the logic of validating the token API invocation request to validate required parameters for JWT client authentication to PrivatekeyJWTClientAuthHandler 2. Introduce a new interface to read the public

Re: [Architecture] Sharing common SPA components within and between product(s)

Hi Manuranga, We could share packages within the carbon-apimgt repo with npm link as a local module but if someone outside carbon-apimgt needs to get the common JS files, they have to clone the whole carbon-apimgt repo and run npm link. And also I have noticed that the symbolic link created by