Hi Pubudu, Did you able to check this locally and confirm? Don't we have to enable *EnableJWTGeneration* property to append the JWT header?
Thanks and Regards On Mon, Nov 20, 2017 at 9:52 AM, Pubudu Gunatilaka <pubu...@wso2.com> wrote: > Hi Rukshan, > > My concern is why we need to enable JWT in gateway? The jwt is getting > generated in KM/IS and gateway only passes the JWT to the backend. I do not > see a valid reason to enable JWT in gateway node if there isn't any usage. > > Thank you! > > On Mon, Nov 20, 2017 at 12:09 PM, Rukshan Premathunga <ruks...@wso2.com> > wrote: > >> Hi pubudu, >> >> This depends on the backend right? if it need such a authorization, >> cluster or Single AM setup we need to generate the JWT and pass to the >> backend. So it is upto the backend implementation i think. >> >> Thanks and Regards >> >> On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka <pubu...@wso2.com> >> wrote: >> >>> Hi, >>> >>> Do we need to enable JWT in gateway node [1] in a fully distributed >>> deployment where KM/IS is hosted separately? >>> >>> I can see the JWT is passed to the backend. >>> >>> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG >>>> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >> >>>> X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz >>>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod >>>> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd >>>> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY >>>> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb >>>> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia >>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV >>>> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ >>>> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z >>>> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia >>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR >>>> GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc >>>> 1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb >>>> zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c >>>> DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia >>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI >>>> mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI >>>> iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS >>>> UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL >>>> 2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa >>>> N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK >>>> 07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ >>>> 7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM= {org.apache.synapse.transport. >>>> http.headers} >>>> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG >>>> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 << >>>> "X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz >>>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod >>>> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd >>>> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY >>>> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb >>>> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia >>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV >>>> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ >>>> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z >>>> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia >>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR >>>> GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc >>>> 1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb >>>> zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c >>>> DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia >>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI >>>> mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI >>>> iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS >>>> UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL >>>> 2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa >>>> N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK >>>> 07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ >>>> 7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]" >>>> {org.apache.synapse.transport.http.wire} >>> >>> >>> >>> What is the need to enable JWT in gateway node? >>> >>> [1] - https://docs.wso2.com/display/AM210/Distributed+Deployment >>> +of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-Co >>> nfiguretheGateway >>> >>> Thank you! >>> -- >>> *Pubudu Gunatilaka* >>> Committer and PMC Member - Apache Stratos >>> Senior Software Engineer >>> WSO2, Inc.: http://wso2.com >>> mobile : +94774078049 <%2B94772207163> >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Rukshan Chathuranga. >> Software Engineer. >> WSO2, Inc. >> +94711822074 <+94%2071%20182%202074> >> > > > > -- > *Pubudu Gunatilaka* > Committer and PMC Member - Apache Stratos > Senior Software Engineer > WSO2, Inc.: http://wso2.com > mobile : +94774078049 <%2B94772207163> > > -- Rukshan Chathuranga. Software Engineer. WSO2, Inc. +94711822074
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev