Samith, Why do we need validationkey.sampleapp.userdomain.com and not sampleapp.userdomain.com <http://validationkey.sampleapp.userdomain.com/> just CNAME record?
Adding either of them would require the same DNS ownership of the domain, right? Dmitry On Fri, Sep 12, 2014 at 2:58 PM, Samith Dassanayake <sam...@wso2.com> wrote: > In current implementation users can only specify the subdomain of the > custom URL, which is mapped under the domain wso2apps.com. In the 2nd > phase of usability improvement for custom URL, we will allow users to add > complete custom URL by having domain owner verification before setting up > the custom URL. On app creation, we will assign a production URL by > default, in the format of appid.tenantdomain.wso2apps.com and users can > change the URL as they want, based on the permissions and validity of the > domain. > > *User scenario:* > 1. User creates an app and gets sampleapp.tenantdomain.wso2apps.com URL > from AF, > 2. User wants to use sampleapp.userdomain.com <http://www.superapp.com/> > (which > he owns) apart from the given URL. > 3. User goes to his hosting service and adds CNAME mapping > sampleapp.userdomain.com <http://www.superapp.com/> to > sampleapp.tenantdomain.wso2apps.com. > 4. User goes to AF UI and tells AF to use sampleapp.userdomain.com > <http://www.superapp.com/> as production URL, > 5 AF will generate a validation key and ask user to add CNAME mapping > validationkey.sampleapp.userdomain.com to apps.cloud.wso2.com for > ownership validation. > 5. AF verifies that the ownership of the custom domain > 5.a. If YES: the LB is configured to accept the requests, > 5.b. If NO: user is asked to first add the CNAME DNS record at registrar > or retry in a few hours if record has been added recently and has not yet > propagated. > > For the ownership verification we planing to reuse the existing carbon > domain validation component[1]. When a user specifies a custom URL, AF will > generate a validation key and user has to add a CNAME record from > validationkey.sampleapp.userdomain.com to apps.cloud.wso2.com (AF). The > generated verification key will be saved against the custom URL( > sampleapp.userdomain.com <http://www.superapp.com/>) in the AF registry > and AF will verify the custom URL, by accessing the registry via > validationkey.sampleapp.userdomain.com. Once the custom URL is > validated, AF will send a request to LB to map sampleapp.userdomain.com > <http://www.superapp.com/> to app which is pointed by the > sampleapp.tenantdomain.wso2apps.com. Therefore once AF verify the custom > URL, user can use custom URL after the CNAME DNS record of > sampleapp.userdomain.com <http://www.superapp.com/> to > sampleapp.tenantdomain.wso2apps.com is propagated. > > [1] > https://github.com/wso2/platform/tree/master/components/stratos/domain-validator > > Suggestions, improvements and alternatives are welcome. > > Thank you > > -- > Best Regards > > Samith Dassanayake > Software Engineer, WSO2 Inc. > > -- Dmitry Sotnikov VP of Cloud; WSO2, Inc.; http://wso2.com/ email: dmi...@wso2.com; cell: +1.949.303.9653; Skype: DSotnikov Lean . Enterprise . Middleware <http://wso2.com/events/>
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
