AFAIU, Yes with a slight modification since API Manager code get the benefit of the existing pluggable key manager mechanism.
On Tue, Apr 5, 2016 at 12:57 PM, Dinusha Senanayaka <dinu...@wso2.com> wrote: > We should be able to get the DCR and Token Validation CFX interceptor from > the APIM right ? > > Regards, > Dinusha. > > On Tue, Apr 5, 2016 at 12:35 PM, Rushmin Fernando <rush...@wso2.com> > wrote: > >> Problem >> ------------ >> >> The Store / Publisher ReST APIs in WSO2 App Manager are being re-written, >> adopting Apache CXF. These APIs should be protected using OAuth >> >> Proposed Solution >> ------------------------- >> >> (Please see the attached diagrams) >> >> *Dynamic Client Registration (DCR) and Token Management* >> >> There will be a web app (oauth-provide.war) which provides the following >> functionalities. >> >> i) Dynamic client registration (DCR) >> ii) Token management. (e.g. token generation, token revocation) >> >> >> *Token Validation* >> >> A CFX interceptor will be engaged to the Store / Publisher ReST API >> endpoints. This interceptor will handle token validation. >> >> >> *Authorization* >> >> OAuth scopes will be used to manage authorization. The implementation >> will be the same scopes implementation as the WSO2 API Manager ReST APIs [1] >> >> >> Thanks >> Rushmin >> >> [1] - >> http://wso2.com/library/articles/2015/11/article-introducing-wso2-api-manager-new-rest-api-for-store-and-publisher-operations/ >> >> >> >> -- >> *Rushmin Fernando* >> *Technical Lead* >> >> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >> >> email : rush...@wso2.com >> mobile : +94772310855 >> >> >> > > > -- > Dinusha Dilrukshi > Associate Technical Lead > WSO2 Inc.: http://wso2.com/ > Mobile: +94725255071 > Blog: http://dinushasblog.blogspot.com/ > -- *Rushmin Fernando* *Technical Lead* WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware email : rush...@wso2.com mobile : +94772310855
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture