On Mon, Feb 23, 2015 at 5:43 PM, Ranga Siriwardena ra...@wso2.com wrote:
Hi All,
During the API Manager Key Manager separation, we identified that we will
need to authenticate to identity components as signed in user instead of
admin user which is pre-configured in api-manager configuration.
With mutual-auth, authentication happens for particular user and user name
is send as a header for authentication. If the client is trusted and the
user is a valid user, then that user is identified as the signed in user.
Thank You.
Ranga.
On Mon, Feb 23, 2015 at 5:52 PM, Nuwan Dias
Actually in mutual authenticator we check for the certificate in the
header, which will set if only mutual auth is successful.
So idea here is since server trust the client, we trust the user.
BTW, mutual authenticator have problems with AWS elb. So this won't be able
to use in such places. So in
I don't think using SAML is a viable option because API Manager should work
without configuring SAMLSSO. For example, currently you can login to Store
with direct username/password authentication from the userstore connected
to AM.
If we are opting for SAMLSSO, then that means either depending on
Hi Ranga/Dulanja,
(for 1) can't we do this by sending the SAML assertion form API store to IS
side
--
With regards,
*Manu*ranga Perera.
phone : 071 7 70 20 50
mail : m...@wso2.com
___
Architecture mailing list
Architecture@wso2.org
On Mon, Feb 23, 2015 at 5:43 PM, Ranga Siriwardena ra...@wso2.com wrote:
Hi All,
During the API Manager Key Manager separation, we identified that we will
need to authenticate to identity components as signed in user instead of
admin user which is pre-configured in api-manager configuration.