I feel that, having a configuration file for authentication / authorization gives us more control over selecting the authentication mechanisms.
In current IS, it uses is a rest-auth framework [1] which looks for a configuration file to see whether a certain resource is protected or not. I think we can add an optional field for the authenticator (mutual SSL) for a resource, so that authenticator will be used rather than going trough the registered authenticator chain. [1] - https://github.com/wso2-extensions/identity-carbon-auth-rest On Mon, Jan 16, 2017 at 9:43 AM, Nuwan Dias <nuw...@wso2.com> wrote: > > > On Mon, Jan 16, 2017 at 9:38 AM, Bhathiya Jayasekara <bhath...@wso2.com> > wrote: > >> Hi all, >> >> I'd like to add another related concern here. There can be internal APIs >> (server to server) which may not be exposed to the outside. For example, >> context loading and subscription loading APIs between API Gateway and API >> Core. For them, I don't think we need OAuth or any kind of authorization >> mechanism because it simply needs some kind of authentication mechanism >> only. I believe we can use mutual SSL for this. But since these APIs are >> msf4j services, we will need per-service mutual SSL support from msf4j. >> > > Yes, that makes sense. I don't think we should categorize those as product > APIs since they're meant for internal components of the product to > communicate with each other. > >> >> Thanks, >> Bhathiya >> > > > > -- > Nuwan Dias > > Software Architect - WSO2, Inc. http://wso2.com > email : nuw...@wso2.com > Phone : +94 777 775 729 <+94%2077%20777%205729> > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Best Regards* *Rushmin Fernando* *Technical Lead* WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware mobile : +94775615183
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
