Hi Chamod, Can user choose to expose API either OAuth or Basic authentication with this implementation?
We need to provide basic authentication agaist user store configured in the key manager. Because most of the timee, gateway won't share user stores. Please add the local user store authentication support as well. We need to look for possible caching mechanism for this. Since we do have mutual authentication as a security scheme, check the best way of providing the basic authentication Thanks, Harsha On Fri, Feb 15, 2019 at 9:07 PM Chamod Samarajeewa <cha...@wso2.com> wrote: > Adding architecture@wso2.org > > On Fri, Feb 15, 2019 at 5:18 PM Harsha Kumara <hars...@wso2.com> wrote: > >> Hi Chamod, >> >> Can user choose to expose API either OAuth or Basic authentication with >> this implementation? >> >> We need to provide basic authentication agaist user store configured in >> the key manager. Because most of the timee, gateway won't share user >> stores. Please add the local user store authentication support as well. We >> need to look for possible caching mechanism for this. >> >> Since we do have mutual authentication as a security scheme, check the >> best way of providing the basic authentication >> >> Thanks, >> Harsha >> >> On Fri, Feb 15, 2019 at 4:59 PM Chamod Samarajeewa <cha...@wso2.com> >> wrote: >> >>> Adding architect...@wso2.com. >>> >>> >>> ---------- Forwarded message --------- >>> From: Nuwan Dias <nuw...@wso2.com> >>> Date: Fri, Feb 15, 2019 at 3:01 PM >>> Subject: Re: Basic Authentication for APIM Gateway >>> To: Chamod Samarajeewa <cha...@wso2.com> >>> Cc: Architecture Team <architecture-t...@wso2.com>, APIM Team < >>> apim-gr...@wso2.com> >>> >>> >>> Chamod, this email should be sent to architecture@wso2.org. >>> >>> Thanks, >>> NuwanD. >>> >>> On Fri, Feb 15, 2019 at 2:37 PM Chamod Samarajeewa <cha...@wso2.com> >>> wrote: >>> >>>> Hi All, >>>> >>>> I have included the information in the Github issue here as well. >>>> >>>> *Requirements* >>>> >>>> >>>> Provide authentication for APIM Gateway with basic authentication which >>>> uses usernames and passwords. >>>> >>>> *Introduction* >>>> >>>> >>>> Providing feature of enabling basic authentication security schema to >>>> product APIM Gateway along with OAuth2 token-based authentication. The user >>>> will be benefited with using only OAuth2 token based authentication alone, >>>> using basic authentication alone and using both schemas at the same time. >>>> >>>> >>>> *Approach* >>>> >>>> >>>> [image: Basic Auth - APIM-GW-2.jpg] >>>> >>>> curl -k -X GET "https://10.100.0.201:8243/pizzashack/1.0.0/menu"; -H >>>> "accept: >>>> application/json" -H "Authorization: Basic $(echo -n username:password >>>> | base64)" >>>> >>>> The API Authentication Handler will forward the request to Basic Auth >>>> Authenticator or OAuth Authenticator based on the authorization header of >>>> the request. >>>> >>>> Thank you. Regards. >>>> >>>> On Fri, Feb 15, 2019 at 2:20 PM Chamod Samarajeewa <cha...@wso2.com> >>>> wrote: >>>> >>>>> Hi All, >>>>> >>>>> I'm working on developing a new feature for APIM Gateway to >>>>> provide Basic Authentication support. You can find the details in the >>>>> following Github issue [1]. >>>>> >>>>> I would really appreciate any feedback. Thank you. >>>>> >>>>> Best regards, >>>>> Chamod. >>>>> >>>>> [1] - https://github.com/wso2/carbon-apimgt/issues/5986 >>>>> -- >>>>> Chamod Samarajeewa | Software Engineer | WSO2 Inc. >>>>> (m) +94710397382 | Email: cha...@wso2.com <dimi...@wso2.com> >>>>> GET INTEGRATION AGILE >>>>> Integration Agility for Digitally Driven Business >>>>> >>>> >>>> >>>> -- >>>> Chamod Samarajeewa | Software Engineer | WSO2 Inc. >>>> (m) +94710397382 | Email: cha...@wso2.com <dimi...@wso2.com> >>>> GET INTEGRATION AGILE >>>> Integration Agility for Digitally Driven Business >>>> >>> >>> >>> -- >>> *Nuwan Dias* | Director | WSO2 Inc. >>> (m) +94 777 775 729 | (e) nuw...@wso2.com >>> [image: Signature.jpg] >>> >>> >>> -- >>> Chamod Samarajeewa | Software Engineer | WSO2 Inc. >>> (m) +94710397382 | Email: cha...@wso2.com <dimi...@wso2.com> >>> GET INTEGRATION AGILE >>> Integration Agility for Digitally Driven Business >>> >> >> >> -- >> >> *Harsha Kumara* >> >> Associate Technical Lead, WSO2 Inc. >> Mobile: +94775505618 >> Email: hars...@wso2.coim >> Blog: harshcreationz.blogspot.com >> >> GET INTEGRATION AGILE >> Integration Agility for Digitally Driven Business >> > > > -- > Chamod Samarajeewa | Software Engineer | WSO2 Inc. > (m) +94710397382 | Email: cha...@wso2.com <dimi...@wso2.com> > GET INTEGRATION AGILE > Integration Agility for Digitally Driven Business > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- *Harsha Kumara* Associate Technical Lead, WSO2 Inc. Mobile: +94775505618 Email: hars...@wso2.coim Blog: harshcreationz.blogspot.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
