Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
Hi Prabath, On Tue, Sep 6, 2011 at 7:56 AM, Prabath Siriwardena prab...@wso2.comwrote: Hi Senaka, On Tue, Sep 6, 2011 at 1:47 AM, Senaka Fernando sen...@wso2.com wrote: I've given this the name because this is standard Java terminology. What we are implementing is an extension of java.net.Authenticator. Giving this some other name would confuse somebody. Also having said that, Authenticator in the java world is something that provides credentials for authentication. But the CarbonAuthenticator IIRC is not doing quite that, making the latter inconsistent. But, since we have been having it for a while, I'm not sure what's the correct choice here. Anyway, giving this some other name does not sound the correct thing to do. Even carbon authenticators take different type of credentials... and this seems more like a proxy proxy configuration.. This is the configuration [1] already used for axis2. parameter name=PROXY proxy_host=proxy_host_name proxy_port=proxy_host_port locked=trueuserName:domain:passWord/parameter According to my understanding, with regard to proxy configuration in Axis2, that's only if the server is fronted by a proxy while lies between client and server (ex:- Apache2 mod_proxy). This fix is to allow the server to access resources that lie behind multiple proxies (ex:- to access WSDL behind URL 1 you need proxy settings 1, and to access WSDL behind URL 2 you need proxy settings 2). So, what you have in Axis2 is client-oriented (i.e. for fixing WSDL URLs appropriately and all), and what we have introduced in here is server-oriented. IIUC in your scenario Carbon server is trying to access a resource behind a proxy and you need to authenticate to the proxy.. Shouldn't this the same at the axis2 client end.. but this doesn't have multiple proxy support as you mentioned. In either case shouldn't this something to be in axis2.xml..? [not in carbon.xml] This is not a transport-level thing that applies only to webservices. Axis2 is a webservices engine and this goes beyond that. For example, new URL(foo) call inside Java code, or accessing some resource through a web application is covered by this implementation. Also, this is not only for a proxy, but you can use it to access resources stored on a webserver that requires Basic, Digest, NTLM or SPNEGO authentication. If we introduce this into Axis2, it would be doing something additional (i.e. beyond its scope). What Axis2 has right now is sufficient for its use-cases, and this is something beyond that. Thanks, Senaka. Thanks regards, -Prabath [1]: http://wso2.org/library/161 ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
Senaka please send these types of mails to architecture@ or at least cross-post. Thanks, Sanjiva. On Tue, Sep 6, 2011 at 1:16 AM, Senaka Fernando sen...@wso2.com wrote: FYI, We have added $subject to Carbon, and the corresponding configuration (in carbon.xml) is as follows: Security ... Authenticators !-- configuration for a single authenticator -- Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeserver/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeproxy/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator /Authenticators /Security This allows you to define multiple authenticators to log into multiple servers/proxies that require authentication. This is also useful for situations where Carbon is running behind a proxy (ex:- installing from P2 repo behind proxy, accessing WSDL file from server that requires authentication, importing documents from sharepoint secured by NTLM authentication into the registry). Thanks, Senaka. -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Sanjiva Weerawarana, Ph.D. Founder, Chairman CEO; WSO2, Inc.; http://wso2.com/ email: sanj...@wso2.com; phone: +94 11 763 9614; cell: +94 77 787 6880 | +1 650 265 8311 blog: http://sanjiva.weerawarana.org/ Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
Hi Senaka, I have to agree with Prabath. We already have a configuration similar to the following in the authenticators.xml file inside conf/advanced. Authenticators xmlns=http://wso2.org/projects/carbon/authenticators.xml; !-- Authenticator Configurations for TokenUIAuthenticator -- Authenticator name=TokenUIAuthenticator disabled=true Priority5/Priority /Authenticator . /Authenticators So having defined the same element Authenticator in the carbon.xml for a different reason may confuse the user. AFAIK, this is used when some Carbon code is acting as a client to access a remote resource. In the configurations you have shared, you are passing a set of configurations to the authenticators, not the information about authenticator itself. So how about using something like ClientAuthenticationConfiguration instead of Authenticator ? Thanks, Thilina On Tue, Sep 6, 2011 at 11:58 AM, Senaka Fernando sen...@wso2.com wrote: Hi Prabath, On Tue, Sep 6, 2011 at 7:56 AM, Prabath Siriwardena prab...@wso2.comwrote: Hi Senaka, On Tue, Sep 6, 2011 at 1:47 AM, Senaka Fernando sen...@wso2.com wrote: I've given this the name because this is standard Java terminology. What we are implementing is an extension of java.net.Authenticator. Giving this some other name would confuse somebody. Also having said that, Authenticator in the java world is something that provides credentials for authentication. But the CarbonAuthenticator IIRC is not doing quite that, making the latter inconsistent. But, since we have been having it for a while, I'm not sure what's the correct choice here. Anyway, giving this some other name does not sound the correct thing to do. Even carbon authenticators take different type of credentials... and this seems more like a proxy proxy configuration.. This is the configuration [1] already used for axis2. parameter name=PROXY proxy_host=proxy_host_name proxy_port=proxy_host_port locked=trueuserName:domain:passWord/parameter According to my understanding, with regard to proxy configuration in Axis2, that's only if the server is fronted by a proxy while lies between client and server (ex:- Apache2 mod_proxy). This fix is to allow the server to access resources that lie behind multiple proxies (ex:- to access WSDL behind URL 1 you need proxy settings 1, and to access WSDL behind URL 2 you need proxy settings 2). So, what you have in Axis2 is client-oriented (i.e. for fixing WSDL URLs appropriately and all), and what we have introduced in here is server-oriented. IIUC in your scenario Carbon server is trying to access a resource behind a proxy and you need to authenticate to the proxy.. Shouldn't this the same at the axis2 client end.. but this doesn't have multiple proxy support as you mentioned. In either case shouldn't this something to be in axis2.xml..? [not in carbon.xml] This is not a transport-level thing that applies only to webservices. Axis2 is a webservices engine and this goes beyond that. For example, new URL(foo) call inside Java code, or accessing some resource through a web application is covered by this implementation. Also, this is not only for a proxy, but you can use it to access resources stored on a webserver that requires Basic, Digest, NTLM or SPNEGO authentication. If we introduce this into Axis2, it would be doing something additional (i.e. beyond its scope). What Axis2 has right now is sufficient for its use-cases, and this is something beyond that. Thanks, Senaka. Thanks regards, -Prabath [1]: http://wso2.org/library/161 ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Thilina Buddhika Associate Technical Lead WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 77 44 88 727 blog : http://blog.thilinamb.com ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
On Wed, Sep 7, 2011 at 12:43 AM, Thilina Buddhika thili...@wso2.com wrote: Hi Senaka, I have to agree with Prabath. We already have a configuration similar to the following in the authenticators.xml file inside conf/advanced. Authenticators xmlns=http://wso2.org/projects/carbon/authenticators.xml !-- Authenticator Configurations for TokenUIAuthenticator -- Authenticator name=TokenUIAuthenticator disabled=true Priority5/Priority /Authenticator . /Authenticators So having defined the same element Authenticator in the carbon.xml for a different reason may confuse the user. AFAIK, this is used when some Carbon code is acting as a client to access a remote resource. In the configurations you have shared, you are passing a set of configurations to the authenticators, not the information about authenticator itself. So how about using something like ClientAuthenticationConfiguration instead of Authenticator ? s/ClientAuthenticationConfiguration/AuthenticationConfiguration Thanks, Thilina Thanks, Thilina On Tue, Sep 6, 2011 at 11:58 AM, Senaka Fernando sen...@wso2.com wrote: Hi Prabath, On Tue, Sep 6, 2011 at 7:56 AM, Prabath Siriwardena prab...@wso2.comwrote: Hi Senaka, On Tue, Sep 6, 2011 at 1:47 AM, Senaka Fernando sen...@wso2.com wrote: I've given this the name because this is standard Java terminology. What we are implementing is an extension of java.net.Authenticator. Giving this some other name would confuse somebody. Also having said that, Authenticator in the java world is something that provides credentials for authentication. But the CarbonAuthenticator IIRC is not doing quite that, making the latter inconsistent. But, since we have been having it for a while, I'm not sure what's the correct choice here. Anyway, giving this some other name does not sound the correct thing to do. Even carbon authenticators take different type of credentials... and this seems more like a proxy proxy configuration.. This is the configuration [1] already used for axis2. parameter name=PROXY proxy_host=proxy_host_name proxy_port=proxy_host_port locked=trueuserName:domain:passWord/parameter According to my understanding, with regard to proxy configuration in Axis2, that's only if the server is fronted by a proxy while lies between client and server (ex:- Apache2 mod_proxy). This fix is to allow the server to access resources that lie behind multiple proxies (ex:- to access WSDL behind URL 1 you need proxy settings 1, and to access WSDL behind URL 2 you need proxy settings 2). So, what you have in Axis2 is client-oriented (i.e. for fixing WSDL URLs appropriately and all), and what we have introduced in here is server-oriented. IIUC in your scenario Carbon server is trying to access a resource behind a proxy and you need to authenticate to the proxy.. Shouldn't this the same at the axis2 client end.. but this doesn't have multiple proxy support as you mentioned. In either case shouldn't this something to be in axis2.xml..? [not in carbon.xml] This is not a transport-level thing that applies only to webservices. Axis2 is a webservices engine and this goes beyond that. For example, new URL(foo) call inside Java code, or accessing some resource through a web application is covered by this implementation. Also, this is not only for a proxy, but you can use it to access resources stored on a webserver that requires Basic, Digest, NTLM or SPNEGO authentication. If we introduce this into Axis2, it would be doing something additional (i.e. beyond its scope). What Axis2 has right now is sufficient for its use-cases, and this is something beyond that. Thanks, Senaka. Thanks regards, -Prabath [1]: http://wso2.org/library/161 ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Thilina Buddhika Associate Technical Lead WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 77 44 88 727 blog : http://blog.thilinamb.com -- Thilina Buddhika Associate Technical Lead WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 77 44 88 727 blog : http://blog.thilinamb.com ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
Hi all, On Wed, Sep 7, 2011 at 12:46 AM, Thilina Buddhika thili...@wso2.com wrote: On Wed, Sep 7, 2011 at 12:43 AM, Thilina Buddhika thili...@wso2.comwrote: Hi Senaka, I have to agree with Prabath. We already have a configuration similar to the following in the authenticators.xml file inside conf/advanced. Authenticators xmlns=http://wso2.org/projects/carbon/authenticators.xml !-- Authenticator Configurations for TokenUIAuthenticator -- Authenticator name=TokenUIAuthenticator disabled=true Priority5/Priority /Authenticator . /Authenticators So having defined the same element Authenticator in the carbon.xml for a different reason may confuse the user. AFAIK, this is used when some Carbon code is acting as a client to access a remote resource. In the configurations you have shared, you are passing a set of configurations to the authenticators, not the information about authenticator itself. So how about using something like ClientAuthenticationConfiguration instead of Authenticator ? s/ClientAuthenticationConfiguration/AuthenticationConfiguration Actually, this is used to construct an extension of java.net.Authenticator, [1] for carbon. But, these are actually credentials, so may be we can use the name you suggest. But, I have a better plan, how about adding the following to authenticators.xml? !-- Authenticator Configurations for java.net.Authenticator -- Authenticator name=JavaNetworkAuthenticator Credential !-- the pattern that would match a subset of URLs for which this credential would be used -- Pattern.*/Pattern !-- the type of the network connection. Allowed values are: 1. server 2. proxy -- Typeserver/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Credential Credential !-- the pattern that would match a subset of URLs for which this credential would be used -- Pattern.*/Pattern !-- the type of the network connection. Allowed values are: 1. server 2. proxy -- Typeproxy/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Credential /Authenticator [1] http://download.oracle.com/javase/1.5.0/docs/api/java/net/Authenticator.html Thanks, Senaka. Thanks, Thilina Thanks, Thilina On Tue, Sep 6, 2011 at 11:58 AM, Senaka Fernando sen...@wso2.com wrote: Hi Prabath, On Tue, Sep 6, 2011 at 7:56 AM, Prabath Siriwardena prab...@wso2.comwrote: Hi Senaka, On Tue, Sep 6, 2011 at 1:47 AM, Senaka Fernando sen...@wso2.com wrote: I've given this the name because this is standard Java terminology. What we are implementing is an extension of java.net.Authenticator. Giving this some other name would confuse somebody. Also having said that, Authenticator in the java world is something that provides credentials for authentication. But the CarbonAuthenticator IIRC is not doing quite that, making the latter inconsistent. But, since we have been having it for a while, I'm not sure what's the correct choice here. Anyway, giving this some other name does not sound the correct thing to do. Even carbon authenticators take different type of credentials... and this seems more like a proxy proxy configuration.. This is the configuration [1] already used for axis2. parameter name=PROXY proxy_host=proxy_host_name proxy_port=proxy_host_port locked=trueuserName:domain:passWord/parameter According to my understanding, with regard to proxy configuration in Axis2, that's only if the server is fronted by a proxy while lies between client and server (ex:- Apache2 mod_proxy). This fix is to allow the server to access resources that lie behind multiple proxies (ex:- to access WSDL behind URL 1 you need proxy settings 1, and to access WSDL behind URL 2 you need proxy settings 2). So, what you have in Axis2 is client-oriented (i.e. for fixing WSDL URLs appropriately and all), and what we have introduced in here is server-oriented. IIUC in your scenario Carbon server is trying to access a resource behind a proxy and you need to authenticate to the proxy.. Shouldn't this the same at the axis2 client end.. but this doesn't have multiple proxy support as you mentioned. In either case shouldn't this something to be in
[Carbon-dev] HTTP and Proxy Authenticators for Carbon
FYI, We have added $subject to Carbon, and the corresponding configuration (in carbon.xml) is as follows: Security ... Authenticators !-- configuration for a single authenticator -- Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeserver/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeproxy/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator /Authenticators /Security This allows you to define multiple authenticators to log into multiple servers/proxies that require authentication. This is also useful for situations where Carbon is running behind a proxy (ex:- installing from P2 repo behind proxy, accessing WSDL file from server that requires authentication, importing documents from sharepoint secured by NTLM authentication into the registry). Thanks, Senaka. -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
Hi Senaka, The words Authenticators/Authenticator would easily conflict with the Carbon Authenticators - can you please come up with different words.. Also - how does this differ from proxy configuration in axis2.xml..? Thanks regards, -Prabath On Tue, Sep 6, 2011 at 1:16 AM, Senaka Fernando sen...@wso2.com wrote: FYI, We have added $subject to Carbon, and the corresponding configuration (in carbon.xml) is as follows: Security ... Authenticators !-- configuration for a single authenticator -- Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeserver/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeproxy/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator /Authenticators /Security This allows you to define multiple authenticators to log into multiple servers/proxies that require authentication. This is also useful for situations where Carbon is running behind a proxy (ex:- installing from P2 repo behind proxy, accessing WSDL file from server that requires authentication, importing documents from sharepoint secured by NTLM authentication into the registry). Thanks, Senaka. -- Senaka Fernando Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Thanks Regards, Prabath http://blog.facilelogin.com http://RampartFAQ.com ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
I've given this the name because this is standard Java terminology. What we are implementing is an extension of java.net.Authenticator. Giving this some other name would confuse somebody. Also having said that, Authenticator in the java world is something that provides credentials for authentication. But the CarbonAuthenticator IIRC is not doing quite that, making the latter inconsistent. But, since we have been having it for a while, I'm not sure what's the correct choice here. Anyway, giving this some other name does not sound the correct thing to do. According to my understanding, with regard to proxy configuration in Axis2, that's only if the server is fronted by a proxy while lies between client and server (ex:- Apache2 mod_proxy). This fix is to allow the server to access resources that lie behind multiple proxies (ex:- to access WSDL behind URL 1 you need proxy settings 1, and to access WSDL behind URL 2 you need proxy settings 2). So, what you have in Axis2 is client-oriented (i.e. for fixing WSDL URLs appropriately and all), and what we have introduced in here is server-oriented. Thanks, Senaka. On Tue, Sep 6, 2011 at 1:29 AM, Prabath Siriwardena prab...@wso2.comwrote: Hi Senaka, The words Authenticators/Authenticator would easily conflict with the Carbon Authenticators - can you please come up with different words.. Also - how does this differ from proxy configuration in axis2.xml..? Thanks regards, -Prabath On Tue, Sep 6, 2011 at 1:16 AM, Senaka Fernando sen...@wso2.com wrote: FYI, We have added $subject to Carbon, and the corresponding configuration (in carbon.xml) is as follows: Security ... Authenticators !-- configuration for a single authenticator -- Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeserver/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator Authenticator !-- the pattern that would match a subset of URLs for which this authenticator would be used -- Pattern.*/Pattern !-- the type of this authenticator. Allowed values are: 1. server 2. proxy -- Typeproxy/Type !-- the username used to log in to server/proxy -- Usernamename/Username !-- the password used to log in to server/proxy -- Passwordpassword/Password /Authenticator /Authenticators /Security This allows you to define multiple authenticators to log into multiple servers/proxies that require authentication. This is also useful for situations where Carbon is running behind a proxy (ex:- installing from P2 repo behind proxy, accessing WSDL file from server that requires authentication, importing documents from sharepoint secured by NTLM authentication into the registry). Thanks, Senaka. -- Senaka Fernando Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- Thanks Regards, Prabath http://blog.facilelogin.com http://RampartFAQ.com ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2 Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://linkedin.com/in/senakafernando *Lean . Enterprise . Middleware ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
Re: [Carbon-dev] HTTP and Proxy Authenticators for Carbon
Hi Senaka, On Tue, Sep 6, 2011 at 1:47 AM, Senaka Fernando sen...@wso2.com wrote: I've given this the name because this is standard Java terminology. What we are implementing is an extension of java.net.Authenticator. Giving this some other name would confuse somebody. Also having said that, Authenticator in the java world is something that provides credentials for authentication. But the CarbonAuthenticator IIRC is not doing quite that, making the latter inconsistent. But, since we have been having it for a while, I'm not sure what's the correct choice here. Anyway, giving this some other name does not sound the correct thing to do. Even carbon authenticators take different type of credentials... and this seems more like a proxy proxy configuration.. This is the configuration [1] already used for axis2. parameter name=PROXY proxy_host=proxy_host_name proxy_port=proxy_host_port locked=trueuserName:domain:passWord/parameter According to my understanding, with regard to proxy configuration in Axis2, that's only if the server is fronted by a proxy while lies between client and server (ex:- Apache2 mod_proxy). This fix is to allow the server to access resources that lie behind multiple proxies (ex:- to access WSDL behind URL 1 you need proxy settings 1, and to access WSDL behind URL 2 you need proxy settings 2). So, what you have in Axis2 is client-oriented (i.e. for fixing WSDL URLs appropriately and all), and what we have introduced in here is server-oriented. IIUC in your scenario Carbon server is trying to access a resource behind a proxy and you need to authenticate to the proxy.. Shouldn't this the same at the axis2 client end.. but this doesn't have multiple proxy support as you mentioned. In either case shouldn't this something to be in axis2.xml..? [not in carbon.xml] Thanks regards, -Prabath [1]: http://wso2.org/library/161 ___ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev