That's a choice we need to make; but this still is an Authenticator (which is an extension of the standard java.net.Authenticator - a part of JAAS). Realizing that we had a special authenticator configuration file, I thought it'd be more appropriate to place it there (compared to carbon.xml).
Our authenticators help external entities (users, systems) log into our server, and this authenticator helps our server log into external entities (systems - servers, proxies), which is the difference. Thanks, Senaka. On Wed, Sep 7, 2011 at 10:59 AM, Thilina Buddhika <thili...@wso2.com> wrote: > But authenticators.xml is for Carbon Authenticators. And this is for a > different purpose. So having them in a single file does not make sense to > me. > Thanks, > Thilina > > On Wed, Sep 7, 2011 at 10:42 AM, Senaka Fernando <sen...@wso2.com> wrote: > >> Hi all, >> >> On Wed, Sep 7, 2011 at 12:46 AM, Thilina Buddhika <thili...@wso2.com>wrote: >> >>> >>> >>> On Wed, Sep 7, 2011 at 12:43 AM, Thilina Buddhika <thili...@wso2.com>wrote: >>> >>>> Hi Senaka, >>>> >>>> I have to agree with Prabath. We already have a configuration similar to >>>> the following in the authenticators.xml file inside conf/advanced. >>>> >>>> <Authenticators xmlns=" >>>> http://wso2.org/projects/carbon/authenticators.xml";> >>>> >>>> <!-- Authenticator Configurations for TokenUIAuthenticator --> >>>> <Authenticator name="TokenUIAuthenticator" disabled="true"> >>>> <Priority>5</Priority> >>>> </Authenticator> >>>> >>>> ..... >>>> >>>> </Authenticators> >>>> >>>> So having defined the same element Authenticator in the carbon.xml for a >>>> different reason may confuse the user. >>>> >>>> AFAIK, this is used when some Carbon code is acting as a client to >>>> access a remote resource. In the configurations you have shared, you are >>>> passing a set of configurations to the authenticators, not the information >>>> about authenticator itself. So how about using something like >>>> ClientAuthenticationConfiguration instead of Authenticator ? >>>> >>> >>> s/ClientAuthenticationConfiguration/AuthenticationConfiguration >>> >> >> Actually, this is used to construct an extension of >> java.net.Authenticator, [1] for carbon. But, these are actually credentials, >> so may be we can use the name you suggest. But, I have a better plan, how >> about adding the following to authenticators.xml? >> >> <!-- Authenticator Configurations for java.net.Authenticator --> >> <Authenticator name="JavaNetworkAuthenticator"> >> <Credential> >> <!-- >> the pattern that would match a subset of URLs for >> which this credential >> >> would be used >> --> >> <Pattern>.*</Pattern> >> <!-- >> the type of the network connection. Allowed values >> are: >> >> 1. server >> 2. proxy >> --> >> <Type>server</Type> >> <!-- the username used to log in to server/proxy --> >> <Username>name</Username> >> <!-- the password used to log in to server/proxy --> >> <Password>password</Password> >> </Credential> >> <Credential> >> <!-- >> the pattern that would match a subset of URLs for >> which this credential >> >> would be used >> --> >> <Pattern>.*</Pattern> >> <!-- >> the type of the network connection. Allowed values >> are: >> >> 1. server >> 2. proxy >> --> >> <Type>proxy</Type> >> <!-- the username used to log in to server/proxy --> >> <Username>name</Username> >> <!-- the password used to log in to server/proxy --> >> <Password>password</Password> >> </Credential> >> </Authenticator> >> >> [1] >> http://download.oracle.com/javase/1.5.0/docs/api/java/net/Authenticator.html >> >> Thanks, >> Senaka. >> >>> >>> Thanks, >>> Thilina >>> >>> >>>> >>>> Thanks, >>>> Thilina >>>> >>>> On Tue, Sep 6, 2011 at 11:58 AM, Senaka Fernando <sen...@wso2.com>wrote: >>>> >>>>> Hi Prabath, >>>>> >>>>> On Tue, Sep 6, 2011 at 7:56 AM, Prabath Siriwardena >>>>> <prab...@wso2.com>wrote: >>>>> >>>>>> Hi Senaka, >>>>>> >>>>>> On Tue, Sep 6, 2011 at 1:47 AM, Senaka Fernando <sen...@wso2.com> >>>>>> wrote: >>>>>> > I've given this the name because this is standard Java terminology. >>>>>> What we >>>>>> > are implementing is an extension of java.net.Authenticator. Giving >>>>>> this some >>>>>> > other name would confuse somebody. Also having said that, >>>>>> Authenticator in >>>>>> > the java world is something that provides credentials for >>>>>> authentication. >>>>>> > But the CarbonAuthenticator IIRC is not doing quite that, making the >>>>>> latter >>>>>> > inconsistent. But, since we have been having it for a while, I'm not >>>>>> sure >>>>>> > what's the correct choice here. Anyway, giving this some other name >>>>>> does not >>>>>> > sound the correct thing to do. >>>>>> >>>>>> Even carbon authenticators take different type of credentials... and >>>>>> this seems more like a proxy proxy configuration.. >>>>>> >>>>>> This is the configuration [1] already used for axis2. >>>>>> >>>>>> <parameter name="PROXY" >>>>>> proxy_host="proxy_host_name" >>>>>> proxy_port="proxy_host_port" >>>>>> locked="true>userName:domain:passWord</parameter> >>>>>> >>>>>> > >>>>>> > According to my understanding, with regard to proxy configuration in >>>>>> Axis2, >>>>>> > that's only if the server is fronted by a proxy while lies between >>>>>> client >>>>>> > and server (ex:- Apache2 mod_proxy). This fix is to allow the server >>>>>> to >>>>>> > access resources that lie behind multiple proxies (ex:- to access >>>>>> WSDL >>>>>> > behind URL 1 you need proxy settings 1, and to access WSDL behind >>>>>> URL 2 you >>>>>> > need proxy settings 2). So, what you have in Axis2 is >>>>>> client-oriented (i.e. >>>>>> > for fixing WSDL URLs appropriately and all), and what we have >>>>>> introduced in >>>>>> > here is server-oriented. >>>>>> >>>>>> IIUC in your scenario Carbon server is trying to access a resource >>>>>> behind a proxy and you need to authenticate to the proxy.. Shouldn't >>>>>> this the same at the axis2 client end.. but this doesn't have multiple >>>>>> proxy support as you mentioned. In either case shouldn't this >>>>>> something to be in axis2.xml..? [not in carbon.xml] >>>>>> >>>>> >>>>> This is not a transport-level thing that applies only to webservices. >>>>> Axis2 is a webservices engine and this goes beyond that. For example, new >>>>> URL("foo") call inside Java code, or accessing some resource through a web >>>>> application is covered by this implementation. Also, this is not only for >>>>> a >>>>> proxy, but you can use it to access resources stored on a webserver that >>>>> requires Basic, Digest, NTLM or SPNEGO authentication. If we introduce >>>>> this >>>>> into Axis2, it would be doing something additional (i.e. beyond its >>>>> scope). >>>>> What Axis2 has right now is sufficient for its use-cases, and this is >>>>> something beyond that. >>>>> >>>>> Thanks, >>>>> Senaka. >>>>> >>>>> >>>>>> Thanks & regards, >>>>>> -Prabath >>>>>> >>>>>> [1]: http://wso2.org/library/161 >>>>>> _______________________________________________ >>>>>> Carbon-dev mailing list >>>>>> Carbon-dev@wso2.org >>>>>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> *Senaka Fernando* >>>>> Product Manager - WSO2 Governance Registry; >>>>> Associate Technical Lead; WSO2 Inc.; http://wso2.com* >>>>> Member; Apache Software Foundation; http://apache.org >>>>> >>>>> E-mail: senaka AT wso2.com >>>>> **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 >>>>> Linked-In: http://linkedin.com/in/senakafernando >>>>> >>>>> *Lean . Enterprise . Middleware >>>>> >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> Carbon-dev@wso2.org >>>>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> Thilina Buddhika >>>> >>>> Associate Technical Lead >>>> WSO2 Inc. ; http://wso2.com >>>> lean . enterprise . middleware >>>> >>>> phone : +94 77 44 88 727 >>>> blog : http://blog.thilinamb.com >>>> >>> >>> >>> >>> -- >>> Thilina Buddhika >>> Associate Technical Lead >>> WSO2 Inc. ; http://wso2.com >>> lean . enterprise . middleware >>> >>> phone : +94 77 44 88 727 >>> blog : http://blog.thilinamb.com >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> Carbon-dev@wso2.org >>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> *Senaka Fernando* >> Product Manager - WSO2 Governance Registry; >> Associate Technical Lead; WSO2 Inc.; http://wso2.com* >> Member; Apache Software Foundation; http://apache.org >> >> E-mail: senaka AT wso2.com >> **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 >> Linked-In: http://linkedin.com/in/senakafernando >> >> *Lean . Enterprise . Middleware >> >> >> _______________________________________________ >> Architecture mailing list >> architect...@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Thilina Buddhika > Associate Technical Lead > WSO2 Inc. ; http://wso2.com > lean . enterprise . middleware > > phone : +94 77 44 88 727 > blog : http://blog.thilinamb.com > > _______________________________________________ > Architecture mailing list > architect...@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
