The CarbonTomcatRealm is good to do the Authentication, sorry to miss that the Applications need to create their own Users, Roles, etc. Therefore we do need a Service endpoint for User Management or we need to provide a common library.
Furthermore, the Client Web applications provide the JSON messages in HTTP/HTTPS to AS. How to work around this requirement?

Thanks,
Wenxing

From: KasunG Gajasinghe [mailto:kas...@wso2.com]
Sent: Tuesday, September 13, 2016 7:59 PM
To: wenxzhen
Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

Hi wenxzhen,

User management is one of the strong suits of the WSO2 platform. For web applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that can authenticate web applications. This transparently works with web.xml security-constraints for "container managed security" of Tomcat.

But if you do require a more flexible way to handle authentication and authorization, then you can use the AuthenticationAdmin endpoint. This is not a REST API though, it is based on SOAP. Check out the doc [2] for more info on this. If you are interested in this route, we can discuss how to work around the SOAP requirements though!

[1] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/realms/CarbonTomcatRealm.java
[2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services

Regards,
KasunG

On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen <zhen...@csdn.net> wrote:

Yes, to some extent, we need to use the SSO but we need more:

1. We have App1 for CustomerA
2. We have another App2 for CustomerB
3. Both App1 and App2 are Web applications running on WSO2 AS, and both Apps need to do the authorization and authentication
4. What would be the best practice to re-use the codes?
I am thinking to wrap the User Management into a REST/JSON API, so that both App1 and App2 can access it, and JSON would be much more lightweight.

Please kindly advise.

Thanks,
Wenxing

From: Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com]
Sent: Tuesday, September 13, 2016 7:28 PM
To: wenxzhen
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

Hi Wenxing,

Can you use the SingleSignOn for your requirement [1]?

[1] https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications

Thanks

On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen <zhen...@csdn.net> wrote:

Thanks to Rasika. We are using AS530.

From the description of docs [2], it seems the Services in Jar file are being executed on the AXIS2 engine, therefore it should be in SOAP message. As we may have different/multiple SaaS applications, every application needs to do the authorization and authentication against the user management tables. Does the Carbon or AS by default provide a REST API to do the work? Or can we provide a REST/JSON API for the user management to simplify the work or reuse the codes? Any potential issue we may meet on the way to go?

Thanks again,
Best,
Wenxing

From: Rasika Perera [mailto:rasi...@wso2.com]
Sent: Tuesday, September 13, 2016 6:29 PM
To: 郑文兴
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

Hi Wenxing,

Please refer to docs [1] and [2] for Services/Applications deployment. WSO2 Application Server deploys the web applications on an internal embedded Tomcat server. Hence, apps are served through Tomcat's thread pool. You can find the higher-level architecture of WSO2 AS on doc link [3]. Let us know which version you are using if you need further details.
Thanks,
Rasika

[1] https://docs.wso2.com/display/AS530/Application+Development+and+Deployment
[2] https://docs.wso2.com/display/AS530/Services+Development+and+Deployment
[3] https://docs.wso2.com/display/AS530/Architecture

On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴 <zhen...@csdn.net> wrote:

Dear all,

During the running of the WSO2 AS, how will the Services/Applications be run or scheduled on the Application Server? Are they running on different processes or threads?

Please shed some light and share more details on the architecture. Appreciated for your kind help.

Best,
Wenxing

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

--
With Regards,
Rasika Perera
Software Engineer
LinkedIn: http://lk.linkedin.com/in/rasika90
WSO2 Inc. www.wso2.com
lean.enterprise.middleware

--
Thusitha Dayaratne
Software Engineer
WSO2 Inc. - lean . enterprise . middleware | wso2.com
Mobile +94712756809
Blog alokayasoya.blogspot.com
About http://about.me/thusithathilina

--
Kasun Gajasinghe
Associate Technical Lead, WSO2 Inc.
email: kasung AT spamfree wso2.com
linked-in: http://lk.linkedin.com/in/gajasinghe
blog: http://kasunbg.org
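
Added example, not part of the original thread and not WSO2's own code: a minimal web.xml for the "container managed security" KasunG describes, where Tomcat enforces the constraint and leaves the credential check to the server's realm (CarbonTomcatRealm on WSO2 AS, per the thread). The role name app1-user, the /api/* URL pattern, the realm-name label and the Servlet 3.0 schema are assumptions for illustration.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: WEB-INF/web.xml for a hypothetical App1 (Servlet 3.0 schema assumed). -->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                             http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
         version="3.0">

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>App1 JSON API</web-resource-name>
      <url-pattern>/api/*</url-pattern>
      <!-- No <http-method> elements on purpose: a constraint that lists
           methods covers only those methods and leaves the rest open. -->
    </web-resource-collection>
    <auth-constraint>
      <!-- Hypothetical role; assumed to exist in the server's user store. -->
      <role-name>app1-user</role-name>
    </auth-constraint>
    <user-data-constraint>
      <!-- Require HTTPS so BASIC credentials and JSON bodies are not sent in clear. -->
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <!-- BASIC suits a JSON client with no login page; the container's realm validates the credentials. -->
    <auth-method>BASIC</auth-method>
    <realm-name>App1</realm-name>
  </login-config>

  <security-role>
    <role-name>app1-user</role-name>
  </security-role>
</web-app>
```

App2 would carry the same descriptor with its own role, so both applications reuse the server's user store without embedding user-management code.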