On Mon, Jul 28, 2014 at 11:44 AM, Nirodha Pramod <niro...@wso2.com> wrote:
> Hi Sanjeewa, > > Ain't it a wrong design? IMO if the APPLICATION TOKEN is generated in the > KeyManager node (which you configure the server url in the store), then it > should read the validity period from the key manager node itself at the > time of token generation. I dont understand why it reads the validity > period from store node's configuration and then generate the token in > keymanager node. Configuring all the nodes in the same way is not a good > solution. > Once the store/key-maanger nodes are separated, we could not read the identity.xml of key-manager from the store using file system. To do that, we need to expose a service that could read the identity.xml properties. But this complicate the implementation and introduce additional service call in the store load. So defining it in store is ok IMO. Regards, Dinusha. > > thanks, > Nirodha > > > On Mon, Jul 28, 2014 at 11:35 AM, Sanjeewa Malalgoda <sanje...@wso2.com> > wrote: > >> The reason for this issue is, in API store when we generate token default >> validity time will pick from store nodes config file. Then you will see >> store nodes validity period(configured in identity.xml) in token validity >> period box. But if you send token generation request(user access token) to >> key manager through gateway then it will eventually hit key manager. Then >> validity period in key manager will effect. There is no logical reason for >> this. We need to add this configuration to all nodes in same way. >> >> Thanks, >> sanjeewa. >> >> >> On Sun, Jul 27, 2014 at 10:56 PM, Asanthi Kulasinghe <asan...@wso2.com> >> wrote: >> >>> Hi, >>> >>> We have observed that the token expiration times in a API-Manager >>> Clustered set up for token types Application access token and User access >>> token, are taken from the values set in 2 different nodes. >>> >>> ie: >>> <ApplicationAccessTokenDefaultValidityPeriod> value of the Store node's >>> identity.xml is considered for Application access token expiration time. >>> <UserAccessTokenDefaultValidityPeriod> value of the Key Manager node's >>> identity.xml is considered for the User access token expiration time. >>> >>> Is there a logical reason behind this or should the values set in Key >>> Manager node be considered for both token types? >>> >>> Regards >>> *Asanthi Kulasinghe* >>> WSO2 Inc; http://www.wso2.com/. >>> Mobile: +94777355522 >>> >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> *Sanjeewa Malalgoda* >> WSO2 Inc. >> Mobile : +94713068779 >> >> <http://sanjeewamalalgoda.blogspot.com/>blog >> :http://sanjeewamalalgoda.blogspot.com/ >> <http://sanjeewamalalgoda.blogspot.com/> >> >> >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > *Nirodha Gallage* > Senior Software Engineer, QA. > WSO2 Inc.: http://wso2.com/ > Mobile: +94716429078 > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Dinusha Dilrukshi Senior Software Engineer WSO2 Inc.: http://wso2.com/ Mobile: +94725255071 Blog: http://dinushasblog.blogspot.com/
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
