Hi Supun, this is fine with me if it helps David. In general you should
break your work up into workable segments. From my quick look, this
seems like a good segment.
Marlon
On 7/2/14, 2:22 PM, Reagan, David Michael wrote:
If roles are not currently in the user API, then I don’t need it yet. But
please let me know as soon as roles are ready.
I imagine it is OK to use the same server as wso2, but I’m not really in a
position to know. Perhaps someone else can comment?
Dave
From: Supun Nakandala [mailto:supun.nakand...@gmail.com]
Sent: Wednesday, July 02, 2014 2:09 PM
To: dev@airavata.apache.org
Subject: Re: [GSoC] Status Update
There is a requirement of incorporating roles and permissions functionality to
the user API. Currently I am working on it. But until then if we want we can go
for a deployment of the current version of the server and get the PHP Reference
Gateway work with user API. I can deploy it in the same server where wso2 IS is
deployed. Is it okay to do so?
On Wed, Jul 2, 2014 at 11:24 PM, Reagan, David Michael
<dmrea...@iu.edu<mailto:dmrea...@iu.edu>> wrote:
OK, thanks. When do you expect a public deployment?
From: Supun Nakandala
[mailto:supun.nakand...@gmail.com<mailto:supun.nakand...@gmail.com>]
Sent: Wednesday, July 02, 2014 1:14 PM
To: dev@airavata.apache.org<mailto:dev@airavata.apache.org>
Subject: Re: [GSoC] Status Update
Hi Dave,
You cannot use the API because it is not deployed publicly yet. You can get the
code from [1] and run the server locally and test the API. I have not yet added
the configuration files. It will take default localhost as the server.
Supun
[1] - https://github.com/scnakandala/airavata-userapi/tree/master/userapi
On Wed, Jul 2, 2014 at 10:39 PM, Reagan, David Michael
<dmrea...@iu.edu<mailto:dmrea...@iu.edu>> wrote:
Hey, Supun. I’m trying to use the new user API, but I’m getting an exception
with the following message:
“TSocket: Could not connect to localhost:8932 (No connection could be made
because the target machine actively refused it. [10061])”
It looks like this is coming from UserAPIClientFactory.php, where the default
host is localhost. I see that the default is being used because when the
factory is created in userapi_utilities.php, it is being passed an empty array
as input. What should the values in that input array be, and where should they
be defined in a config file somewhere?
Thanks,
Dave
From: Amila Jayasekara
[mailto:thejaka.am...@gmail.com<mailto:thejaka.am...@gmail.com>]
Sent: Monday, June 30, 2014 3:38 AM
To: dev
Subject: Re: [GSoC] Status Update
Hi Supun,
Very good progress. Please see some inline comments.
On Sun, Jun 29, 2014 at 2:01 PM, Supun Nakandala
<supun.nakand...@gmail.com<mailto:supun.nakand...@gmail.com>> wrote:
Hi all,
Based on the feedback received I extended the proxy user API. The thrift
descriptors can be found at [1]. Also I incorporated the proxy API with PHP
Reference Gateway (PHPRG) and tested it locally.
Now PHPRG can support a more comprehensive user creation process using the
proxy API. It supports first name, last name, email, organization, address,
country, telephone, mobile, im, url while the bold ones are mandatory and
others are optional fields. [create_account_1.png, create_account_1.png]
The tenant admin (gateway admin) who can log in to the wso2 IS can view the
users list and their profiles.[wso2_is_user_profile_1.png,
wso2_is_user_profile_2.png]
The logged in user can also click on his username and change his password and
update his profile. [update_password.png, update_user_profile.png].
I have issues related to securing the communication between the gateway and the
proxy user api as thrift is not supporting SSL for some programming languages
including php(at least for now). What I am planning to do is to use PKI
encryption when sending password information and to use short lived encrypted
tokens during communication to avoid replay attacks.
Generally it needs significant effort to come up with a both secure and an
efficient security protocol. Even SSL uses symmetric key after initial
handshake (after exchanging symmetric key). Therefore it would be great if you
could use an existing PHP SSL library such as [2], instead of PKI encrypted
passwords. I dont know how much effort is needed to incorporate such
implementation to thrift layer. But I do believe this is something people have
already done.
[2] http://www.php.net/manual/en/book.openssl.php
Thanks
-Thejaka Amila
Thank you
Supun
[1] -
https://github.com/scnakandala/airavata-userapi/blob/master/userapi/thrift-interface-descriptors/userAPI.thrift
--
Thank you
Supun Nakandala
Dept. Computer Science and Engineering
University of Moratuwa
--
Thank you
Supun Nakandala
Dept. Computer Science and Engineering
University of Moratuwa
