[Dev] About the runtime architecture of WSO2 Application Server

2016-09-12 Thread 郑文兴 
Dear all,

 

During the running of the WSO2 AS, how will the Services/Applications be run
or scheduled on the Application Server? Are they running on different
processes or threads?

 

Please shed some light and share more details on the architecture.
Appreciated for your kindly help.

 

Best, Wenxing

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread Rasika Perera 
Hi Wenxing,

Please refer docs [1] and [2] for Services/Applications deployment. WSO2
Applications Server deploys the web applications on an internal embedded
Tomcat server. Hence, apps are served through tomcats threads pool.

You can find more higher level architecture of WSO2 AS on doc link[3].

Let us know which version you are using If you need further details.

Thanks,
Rasika

[1]
https://docs.wso2.com/display/AS530/Application+Development+and+Deployment
[2] https://docs.wso2.com/display/AS530/Services+Development+and+Deployment
[3] https://docs.wso2.com/display/AS530/Architecture

On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴  wrote:

> Dear all,
>
>
>
> During the running of the WSO2 AS, how will the Services/Applications be
> run or scheduled on the Application Server? Are they running on different
> processes or threads?
>
>
>
> Please shed some light and share more details on the architecture.
> Appreciated for your kindly help.
>
>
>
> Best, Wenxing
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
With Regards,

*Rasika Perera*
Software Engineer
LinkedIn: http://lk.linkedin.com/in/rasika90

[image: wso2-signature-general.png] 

WSO2 Inc. www.wso2.com
lean.enterprise.middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread wenxzhen 
Thanks to Rasika. We are using AS530. From the description of docs[2], it seems 
the Services in Jar file are being executed on the AXIS2 engine, therefore it 
should be in SOAP message.

 

As we may have different/multiple SaaS applications, every application needs to 
do the authorization and authentication against the user management tables. 
Does the Carbon or AS by default provides a REST API to do the work? Or can we 
provide a REST/JSON API for the user management to simplify the work or reuse 
the codes? Any potential issue we may meet on the way to go?

 

Thanks again,

Best, Wenxing

 

From: Rasika Perera [mailto:rasi...@wso2.com] 
Sent: Tuesday, September 13, 2016 6:29 PM
To: 郑文兴
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Please refer docs [1] and [2] for Services/Applications deployment. WSO2 
Applications Server deploys the web applications on an internal embedded Tomcat 
server. Hence, apps are served through tomcats threads pool.

 

You can find more higher level architecture of WSO2 AS on doc link[3].

 

Let us know which version you are using If you need further details.

 

Thanks,

Rasika

 

[1] https://docs.wso2.com/display/AS530/Application+Development+and+Deployment

[2] https://docs.wso2.com/display/AS530/Services+Development+and+Deployment

[3] https://docs.wso2.com/display/AS530/Architecture

 

On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴  wrote:

Dear all,

 

During the running of the WSO2 AS, how will the Services/Applications be run or 
scheduled on the Application Server? Are they running on different processes or 
threads?

 

Please shed some light and share more details on the architecture. Appreciated 
for your kindly help.

 

Best, Wenxing


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev





 

-- 

With Regards,


Rasika Perera
Software Engineer

LinkedIn: http://lk.linkedin.com/in/rasika90

 <https://wso2.com/signature> wso2-signature-general.png

 

WSO2 Inc.  <http://www.wso2.com/> www.wso2.com

lean.enterprise.middleware

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread Thusitha Thilina Dayaratne 
Hi Wenxing,

Can you use the SingleSignOn for your requirment[1]?
[1] - https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications
<https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications>

Thanks

On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen  wrote:

> Thanks to Rasika. We are using AS530. From the description of docs[2], it
> seems the Services in Jar file are being executed on the AXIS2 engine,
> therefore it should be in SOAP message.
>
>
>
> As we may have different/multiple SaaS applications, every application
> needs to do the authorization and authentication against the user
> management tables. Does the Carbon or AS by default provides a REST API to
> do the work? Or can we provide a REST/JSON API for the user management to
> simplify the work or reuse the codes? Any potential issue we may meet on
> the way to go?
>
>
>
> Thanks again,
>
> Best, Wenxing
>
>
>
> *From:* Rasika Perera [mailto:rasi...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 6:29 PM
> *To:* 郑文兴
> *Cc:* WSO2 Developers' List
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Hi Wenxing,
>
>
>
> Please refer docs [1] and [2] for Services/Applications deployment. WSO2
> Applications Server deploys the web applications on an internal embedded
> Tomcat server. Hence, apps are served through tomcats threads pool.
>
>
>
> You can find more higher level architecture of WSO2 AS on doc link[3].
>
>
>
> Let us know which version you are using If you need further details.
>
>
>
> Thanks,
>
> Rasika
>
>
>
> [1] https://docs.wso2.com/display/AS530/Application+Development+
> and+Deployment
>
> [2] https://docs.wso2.com/display/AS530/Services+
> Development+and+Deployment
>
> [3] https://docs.wso2.com/display/AS530/Architecture
>
>
>
> On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴  wrote:
>
> Dear all,
>
>
>
> During the running of the WSO2 AS, how will the Services/Applications be
> run or scheduled on the Application Server? Are they running on different
> processes or threads?
>
>
>
> Please shed some light and share more details on the architecture.
> Appreciated for your kindly help.
>
>
>
> Best, Wenxing
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
>
>
>
> --
>
> With Regards,
>
>
> *Rasika Perera*
> Software Engineer
>
> LinkedIn: http://lk.linkedin.com/in/rasika90
>
> [image: wso2-signature-general.png] <https://wso2.com/signature>
>
>
>
> WSO2 Inc. www.wso2.com
>
> lean.enterprise.middleware
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Thusitha Dayaratne
Software Engineer
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

Mobile  +94712756809
Blog  alokayasoya.blogspot.com
Abouthttp://about.me/thusithathilina
<http://wso2.com/signature>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread wenxzhen 
Yes, in some extent, we need to use the SSO but we need more:

1. We have App1 for CustomerA

2. We have another App2 for CustomerB

3. Both App1 and App2 are Web applications running on WSO2 AS, and both 
Apps needs to do the authorization and authentication

4. What would be the best practice to re-use the codes? I am thinking 
to wrap the User Management into a REST/JSON API, so that both App1 and App2 
can access and JSON would be much more light weight

 

Please kindly advice

Thanks, Wenxing

 

From: Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com] 
Sent: Tuesday, September 13, 2016 7:28 PM
To: wenxzhen
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Can you use the SingleSignOn for your requirment[1]?

[1] - <https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications>  
https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications

 

Thanks

 

On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen  wrote:

Thanks to Rasika. We are using AS530. From the description of docs[2], it seems 
the Services in Jar file are being executed on the AXIS2 engine, therefore it 
should be in SOAP message.

 

As we may have different/multiple SaaS applications, every application needs to 
do the authorization and authentication against the user management tables. 
Does the Carbon or AS by default provides a REST API to do the work? Or can we 
provide a REST/JSON API for the user management to simplify the work or reuse 
the codes? Any potential issue we may meet on the way to go?

 

Thanks again,

Best, Wenxing

 

From: Rasika Perera [mailto:rasi...@wso2.com] 
Sent: Tuesday, September 13, 2016 6:29 PM
To: 郑文兴
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Please refer docs [1] and [2] for Services/Applications deployment. WSO2 
Applications Server deploys the web applications on an internal embedded Tomcat 
server. Hence, apps are served through tomcats threads pool.

 

You can find more higher level architecture of WSO2 AS on doc link[3].

 

Let us know which version you are using If you need further details.

 

Thanks,

Rasika

 

[1] https://docs.wso2.com/display/AS530/Application+Development+and+Deployment

[2] https://docs.wso2.com/display/AS530/Services+Development+and+Deployment

[3] https://docs.wso2.com/display/AS530/Architecture

 

On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴  wrote:

Dear all,

 

During the running of the WSO2 AS, how will the Services/Applications be run or 
scheduled on the Application Server? Are they running on different processes or 
threads?

 

Please shed some light and share more details on the architecture. Appreciated 
for your kindly help.

 

Best, Wenxing


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev





 

-- 

With Regards,


Rasika Perera
Software Engineer

LinkedIn: http://lk.linkedin.com/in/rasika90

 <https://wso2.com/signature> wso2-signature-general.png

 

WSO2 Inc.  <http://www.wso2.com/> www.wso2.com

lean.enterprise.middleware


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev





 

-- 

Thusitha Dayaratne

Software Engineer

WSO2 Inc. - lean . enterprise . middleware |   <http://wso2.com/> wso2.com

 

Mobile  +94712756809

Blog  alokayasoya.blogspot.com

Abouthttp://about.me/thusithathilina

 <http://wso2.com/signature> 

 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread KasunG Gajasinghe 
Hi wenxzhen,

User management is one of the strong suites of the WSO2 platform. For web
applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that
can authenticate web applications. This transparently works with web.xml
security-constraints for "container managed security" of Tomcat.

But if you do require a more flexible way to handle authentication and
authorization, then you can use the *AuthenticationAdmin* endpoint. This is
not a REST API though, it is based on SOAP. Checkout the doc [2] for more
info on this. If you are interested in this route, we can discuss how to
workaround the SOAP requirements though!


[1]
https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/realms/CarbonTomcatRealm.java

[2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services

Regards,
KasunG

On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen  wrote:

> Yes, in some extent, we need to use the SSO but we need more:
>
> 1. We have App1 for CustomerA
>
> 2. We have another App2 for CustomerB
>
> 3. Both App1 and App2 are Web applications running on WSO2 AS,
> and both Apps needs to do the authorization and authentication
>
> 4. What would be the best practice to re-use the codes? I am
> thinking to wrap the User Management into a REST/JSON API, so that both
> App1 and App2 can access and JSON would be much more light weight
>
>
>
> Please kindly advice
>
> Thanks, Wenxing
>
>
>
> *From:* Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 7:28 PM
> *To:* wenxzhen
>
> *Cc:* WSO2 Developers' List
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Hi Wenxing,
>
>
>
> Can you use the SingleSignOn for your requirment[1]?
>
> [1] - https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications
> <https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications>
>
>
>
> Thanks
>
>
>
> On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen  wrote:
>
> Thanks to Rasika. We are using AS530. From the description of docs[2], it
> seems the Services in Jar file are being executed on the AXIS2 engine,
> therefore it should be in SOAP message.
>
>
>
> As we may have different/multiple SaaS applications, every application
> needs to do the authorization and authentication against the user
> management tables. Does the Carbon or AS by default provides a REST API to
> do the work? Or can we provide a REST/JSON API for the user management to
> simplify the work or reuse the codes? Any potential issue we may meet on
> the way to go?
>
>
>
> Thanks again,
>
> Best, Wenxing
>
>
>
> *From:* Rasika Perera [mailto:rasi...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 6:29 PM
> *To:* 郑文兴
> *Cc:* WSO2 Developers' List
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Hi Wenxing,
>
>
>
> Please refer docs [1] and [2] for Services/Applications deployment. WSO2
> Applications Server deploys the web applications on an internal embedded
> Tomcat server. Hence, apps are served through tomcats threads pool.
>
>
>
> You can find more higher level architecture of WSO2 AS on doc link[3].
>
>
>
> Let us know which version you are using If you need further details.
>
>
>
> Thanks,
>
> Rasika
>
>
>
> [1] https://docs.wso2.com/display/AS530/Application+Development+
> and+Deployment
>
> [2] https://docs.wso2.com/display/AS530/Services+
> Development+and+Deployment
>
> [3] https://docs.wso2.com/display/AS530/Architecture
>
>
>
> On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴  wrote:
>
> Dear all,
>
>
>
> During the running of the WSO2 AS, how will the Services/Applications be
> run or scheduled on the Application Server? Are they running on different
> processes or threads?
>
>
>
> Please shed some light and share more details on the architecture.
> Appreciated for your kindly help.
>
>
>
> Best, Wenxing
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
>
>
>
> --
>
> With Regards,
>
>
> *Rasika Perera*
> Software Engineer
>
> LinkedIn: http://lk.linkedin.com/in/rasika90
>
> [image: wso2-signature-general.png] <https://wso2.com/signature>
>
>
>
> WSO2 Inc. www.wso2.com
>
> lean.enterprise.middleware
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
>

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread wenxzhen 
The CarbonTomcatRealm is good to do the Authentication, sorry to miss that the 
Applications need to create their own Users, Roles and etc. Therefore we do 
need a Service endpoint for User Management or we need to provide a common 
library.

 

Furthermore, the Client Web applications provides the JSON messages in 
HTTP/HTTPs to AS, How to workaround this requirement?

 

Thanks, Wenxing 

 

From: KasunG Gajasinghe [mailto:kas...@wso2.com] 
Sent: Tuesday, September 13, 2016 7:59 PM
To: wenxzhen
Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi wenxzhen,

 

User management is one of the strong suites of the WSO2 platform. For web 
applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that can 
authenticate web applications. This transparently works with web.xml 
security-constraints for "container managed security" of Tomcat.

 

But if you do require a more flexible way to handle authentication and 
authorization, then you can use the AuthenticationAdmin endpoint. This is not a 
REST API though, it is based on SOAP. Checkout the doc [2] for more info on 
this. If you are interested in this route, we can discuss how to workaround the 
SOAP requirements though!

 

 

[1] 
https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/realms/CarbonTomcatRealm.java

 

[2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services

 

Regards,

KasunG

 

On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen  wrote:

Yes, in some extent, we need to use the SSO but we need more:

1. We have App1 for CustomerA

2. We have another App2 for CustomerB

3. Both App1 and App2 are Web applications running on WSO2 AS, and both 
Apps needs to do the authorization and authentication

4. What would be the best practice to re-use the codes? I am thinking 
to wrap the User Management into a REST/JSON API, so that both App1 and App2 
can access and JSON would be much more light weight

 

Please kindly advice

Thanks, Wenxing

 

From: Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com] 
Sent: Tuesday, September 13, 2016 7:28 PM
To: wenxzhen


Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Can you use the SingleSignOn for your requirment[1]?

[1] - <https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications>  
https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications

 

Thanks

 

On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen  wrote:

Thanks to Rasika. We are using AS530. From the description of docs[2], it seems 
the Services in Jar file are being executed on the AXIS2 engine, therefore it 
should be in SOAP message.

 

As we may have different/multiple SaaS applications, every application needs to 
do the authorization and authentication against the user management tables. 
Does the Carbon or AS by default provides a REST API to do the work? Or can we 
provide a REST/JSON API for the user management to simplify the work or reuse 
the codes? Any potential issue we may meet on the way to go?

 

Thanks again,

Best, Wenxing

 

From: Rasika Perera [mailto:rasi...@wso2.com] 
Sent: Tuesday, September 13, 2016 6:29 PM
To: 郑文兴
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Please refer docs [1] and [2] for Services/Applications deployment. WSO2 
Applications Server deploys the web applications on an internal embedded Tomcat 
server. Hence, apps are served through tomcats threads pool.

 

You can find more higher level architecture of WSO2 AS on doc link[3].

 

Let us know which version you are using If you need further details.

 

Thanks,

Rasika

 

[1] https://docs.wso2.com/display/AS530/Application+Development+and+Deployment

[2] https://docs.wso2.com/display/AS530/Services+Development+and+Deployment

[3] https://docs.wso2.com/display/AS530/Architecture

 

On Tue, Sep 13, 2016 at 10:57 AM, 郑文兴  wrote:

Dear all,

 

During the running of the WSO2 AS, how will the Services/Applications be run or 
scheduled on the Application Server? Are they running on different processes or 
threads?

 

Please shed some light and share more details on the architecture. Appreciated 
for your kindly help.

 

Best, Wenxing


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev





 

-- 

With Regards,


Rasika Perera
Software Engineer

LinkedIn: http://lk.linkedin.com/in/rasika90

 <https://wso2.com/signature> wso2-signature-general.png

 

WSO2 Inc.  <http://www.wso2.com/> www.wso2.com

lean.enterprise.middleware


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev





 

-- 

Thusitha Dayaratne

Softw

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread KasunG Gajasinghe 
On Tue, Sep 13, 2016 at 5:51 PM, wenxzhen  wrote:

> The CarbonTomcatRealm is good to do the Authentication, sorry to miss that
> the Applications need to create their own Users, Roles and etc. Therefore
> we do need a Service endpoint for User Management or we need to provide a
> common library.
>
>
>
Furthermore, the Client Web applications provides the JSON messages in
> HTTP/HTTPs to AS, How to workaround this requirement?
>


I've used the AuthenticationAdmin with XML. See the following curl request.
I figured out the message format by looking at the 'login' operation of the
WSDL [3].

curl -vk *https://localhost:9443/services/AuthenticationAdmin/login
<https://localhost:9443/services/AuthenticationAdmin/login>* -d
"*adminadmin*"
--header 'Content-Type: application/xml'

User management can be done with UserAdmin service which is mentioned in
the same link I sent before.

[3]
https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.authenticator.proxy/src/main/resources/AuthenticationAdmin.wsdl#L192


>
> Thanks, Wenxing
>
>
>
> *From:* KasunG Gajasinghe [mailto:kas...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 7:59 PM
> *To:* wenxzhen
> *Cc:* Thusitha Thilina Dayaratne; WSO2 Developers' List
>
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Hi wenxzhen,
>
>
>
> User management is one of the strong suites of the WSO2 platform. For web
> applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that
> can authenticate web applications. This transparently works with web.xml
> security-constraints for "container managed security" of Tomcat.
>
>
>
> But if you do require a more flexible way to handle authentication and
> authorization, then you can use the *AuthenticationAdmin* endpoint. This
> is not a REST API though, it is based on SOAP. Checkout the doc [2] for
> more info on this. If you are interested in this route, we can discuss how
> to workaround the SOAP requirements though!
>
>
>
>
>
> [1] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/
> org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/
> tomcat/ext/realms/CarbonTomcatRealm.java
>
>
>
> [2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services
>
>
>
> Regards,
>
> KasunG
>
>
>
> On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen  wrote:
>
> Yes, in some extent, we need to use the SSO but we need more:
>
> 1. We have App1 for CustomerA
>
> 2. We have another App2 for CustomerB
>
> 3. Both App1 and App2 are Web applications running on WSO2 AS,
> and both Apps needs to do the authorization and authentication
>
> 4. What would be the best practice to re-use the codes? I am
> thinking to wrap the User Management into a REST/JSON API, so that both
> App1 and App2 can access and JSON would be much more light weight
>
>
>
> Please kindly advice
>
> Thanks, Wenxing
>
>
>
> *From:* Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 7:28 PM
> *To:* wenxzhen
>
>
> *Cc:* WSO2 Developers' List
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Hi Wenxing,
>
>
>
> Can you use the SingleSignOn for your requirment[1]?
>
> [1] - https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications
> <https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications>
>
>
>
> Thanks
>
>
>
> On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen  wrote:
>
> Thanks to Rasika. We are using AS530. From the description of docs[2], it
> seems the Services in Jar file are being executed on the AXIS2 engine,
> therefore it should be in SOAP message.
>
>
>
> As we may have different/multiple SaaS applications, every application
> needs to do the authorization and authentication against the user
> management tables. Does the Carbon or AS by default provides a REST API to
> do the work? Or can we provide a REST/JSON API for the user management to
> simplify the work or reuse the codes? Any potential issue we may meet on
> the way to go?
>
>
>
> Thanks again,
>
> Best, Wenxing
>
>
>
> *From:* Rasika Perera [mailto:rasi...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 6:29 PM
> *To:* 郑文兴
> *Cc:* WSO2 Developers' List
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Hi Wenxing,
>
>
>
> Please refer docs [1] and [2] for Services/Applications deployment. WSO2
> Applications Server deploys the web applications on an internal embedded
> Tomcat

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread wenxzhen 
Sorry, I didn’t quite get it. Does it mean that we have to use a formatter to 
do the conversion from JSON to XML, and then from XML to JSON back to browser 
client?

 

From: KasunG Gajasinghe [mailto:kas...@wso2.com] 
Sent: Tuesday, September 13, 2016 9:29 PM
To: wenxzhen
Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

 

 

On Tue, Sep 13, 2016 at 5:51 PM, wenxzhen  wrote:

The CarbonTomcatRealm is good to do the Authentication, sorry to miss that the 
Applications need to create their own Users, Roles and etc. Therefore we do 
need a Service endpoint for User Management or we need to provide a common 
library.

 

Furthermore, the Client Web applications provides the JSON messages in 
HTTP/HTTPs to AS, How to workaround this requirement?

 

 

I've used the AuthenticationAdmin with XML. See the following curl request. I 
figured out the message format by looking at the 'login' operation of the WSDL 
[3]. 

 

curl -vk https://localhost:9443/services/AuthenticationAdmin/login -d 
"adminadmin"
 --header 'Content-Type: application/xml'

 

User management can be done with UserAdmin service which is mentioned in the 
same link I sent before.

 

[3] 
https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.authenticator.proxy/src/main/resources/AuthenticationAdmin.wsdl#L192

 

 

Thanks, Wenxing 

 

From: KasunG Gajasinghe [mailto:kas...@wso2.com] 
Sent: Tuesday, September 13, 2016 7:59 PM
To: wenxzhen
Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List


Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi wenxzhen,

 

User management is one of the strong suites of the WSO2 platform. For web 
applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that can 
authenticate web applications. This transparently works with web.xml 
security-constraints for "container managed security" of Tomcat.

 

But if you do require a more flexible way to handle authentication and 
authorization, then you can use the AuthenticationAdmin endpoint. This is not a 
REST API though, it is based on SOAP. Checkout the doc [2] for more info on 
this. If you are interested in this route, we can discuss how to workaround the 
SOAP requirements though!

 

 

[1] 
https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/realms/CarbonTomcatRealm.java

 

[2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services

 

Regards,

KasunG

 

On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen  wrote:

Yes, in some extent, we need to use the SSO but we need more:

1. We have App1 for CustomerA

2. We have another App2 for CustomerB

3. Both App1 and App2 are Web applications running on WSO2 AS, and both 
Apps needs to do the authorization and authentication

4. What would be the best practice to re-use the codes? I am thinking 
to wrap the User Management into a REST/JSON API, so that both App1 and App2 
can access and JSON would be much more light weight

 

Please kindly advice

Thanks, Wenxing

 

From: Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com] 
Sent: Tuesday, September 13, 2016 7:28 PM
To: wenxzhen


Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Can you use the SingleSignOn for your requirment[1]?

[1] - <https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications>  
https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications

 

Thanks

 

On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen  wrote:

Thanks to Rasika. We are using AS530. From the description of docs[2], it seems 
the Services in Jar file are being executed on the AXIS2 engine, therefore it 
should be in SOAP message.

 

As we may have different/multiple SaaS applications, every application needs to 
do the authorization and authentication against the user management tables. 
Does the Carbon or AS by default provides a REST API to do the work? Or can we 
provide a REST/JSON API for the user management to simplify the work or reuse 
the codes? Any potential issue we may meet on the way to go?

 

Thanks again,

Best, Wenxing

 

From: Rasika Perera [mailto:rasi...@wso2.com] 
Sent: Tuesday, September 13, 2016 6:29 PM
To: 郑文兴
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Please refer docs [1] and [2] for Services/Applications deployment. WSO2 
Applications Server deploys the web applications on an internal embedded Tomcat 
server. Hence, apps are served through tomcats threads pool.

 

You can find more higher level architecture of WSO2 AS on doc link[3].

 

Let us know which version you are using If you need further details.

 

Thanks,

Rasika

 

[1] https://docs.wso2.com/display/AS530/Ap

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-13 Thread wenxzhen 
BTW: I found this post: 
http://wso2.com/library/knowledge-base/add-json-support-wso2-wsas/. Is it still 
valid to AS 5.3.0? workable for my requirement?

 

Thanks, Wenxing

 

From: Dev [mailto:dev-boun...@wso2.org] On Behalf Of wenxzhen
Sent: Tuesday, September 13, 2016 10:58 PM
To: 'KasunG Gajasinghe'
Cc: 'WSO2 Developers' List'
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Sorry, I didn’t quite get it. Does it mean that we have to use a formatter to 
do the conversion from JSON to XML, and then from XML to JSON back to browser 
client?

 

From: KasunG Gajasinghe [mailto:kas...@wso2.com] 
Sent: Tuesday, September 13, 2016 9:29 PM
To: wenxzhen
Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

 

 

On Tue, Sep 13, 2016 at 5:51 PM, wenxzhen  wrote:

The CarbonTomcatRealm is good to do the Authentication, sorry to miss that the 
Applications need to create their own Users, Roles and etc. Therefore we do 
need a Service endpoint for User Management or we need to provide a common 
library.

 

Furthermore, the Client Web applications provides the JSON messages in 
HTTP/HTTPs to AS, How to workaround this requirement?

 

 

I've used the AuthenticationAdmin with XML. See the following curl request. I 
figured out the message format by looking at the 'login' operation of the WSDL 
[3]. 

 

curl -vk https://localhost:9443/services/AuthenticationAdmin/login -d 
"adminadmin"
 --header 'Content-Type: application/xml'

 

User management can be done with UserAdmin service which is mentioned in the 
same link I sent before.

 

[3] 
https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.authenticator.proxy/src/main/resources/AuthenticationAdmin.wsdl#L192

 

 

Thanks, Wenxing 

 

From: KasunG Gajasinghe [mailto:kas...@wso2.com] 
Sent: Tuesday, September 13, 2016 7:59 PM
To: wenxzhen
Cc: Thusitha Thilina Dayaratne; WSO2 Developers' List


Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi wenxzhen,

 

User management is one of the strong suites of the WSO2 platform. For web 
applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that can 
authenticate web applications. This transparently works with web.xml 
security-constraints for "container managed security" of Tomcat.

 

But if you do require a more flexible way to handle authentication and 
authorization, then you can use the AuthenticationAdmin endpoint. This is not a 
REST API though, it is based on SOAP. Checkout the doc [2] for more info on 
this. If you are interested in this route, we can discuss how to workaround the 
SOAP requirements though!

 

 

[1] 
https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/realms/CarbonTomcatRealm.java

 

[2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services

 

Regards,

KasunG

 

On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen  wrote:

Yes, in some extent, we need to use the SSO but we need more:

1. We have App1 for CustomerA

2. We have another App2 for CustomerB

3. Both App1 and App2 are Web applications running on WSO2 AS, and both 
Apps needs to do the authorization and authentication

4. What would be the best practice to re-use the codes? I am thinking 
to wrap the User Management into a REST/JSON API, so that both App1 and App2 
can access and JSON would be much more light weight

 

Please kindly advice

Thanks, Wenxing

 

From: Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com] 
Sent: Tuesday, September 13, 2016 7:28 PM
To: wenxzhen


Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wenxing,

 

Can you use the SingleSignOn for your requirment[1]?

[1] - <https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications>  
https://docs.wso2.com/display/AS530/Using+SSO+with+Web+Applications

 

Thanks

 

On Tue, Sep 13, 2016 at 4:25 PM, wenxzhen  wrote:

Thanks to Rasika. We are using AS530. From the description of docs[2], it seems 
the Services in Jar file are being executed on the AXIS2 engine, therefore it 
should be in SOAP message.

 

As we may have different/multiple SaaS applications, every application needs to 
do the authorization and authentication against the user management tables. 
Does the Carbon or AS by default provides a REST API to do the work? Or can we 
provide a REST/JSON API for the user management to simplify the work or reuse 
the codes? Any potential issue we may meet on the way to go?

 

Thanks again,

Best, Wenxing

 

From: Rasika Perera [mailto:rasi...@wso2.com] 
Sent: Tuesday, September 13, 2016 6:29 PM
To: 郑文兴
Cc: WSO2 Developers' List
Subject: Re: [Dev] About the runtime architecture of WSO2 Application Server

 

Hi Wen

Re: [Dev] About the runtime architecture of WSO2 Application Server

2016-09-14 Thread Thusitha Thilina Dayaratne 
Hi Wenxing,

BTW: I found this post: http://wso2.com/library/knowledge-base/add-json-
> support-wso2-wsas/. Is it still valid to AS 5.3.0? workable for my
> requirement?

That library article was written for an old version. This is support by
default in the AS 5.3.0

Thanks
Thusitha

On Tue, Sep 13, 2016 at 9:17 PM, wenxzhen  wrote:

> BTW: I found this post: http://wso2.com/library/knowledge-base/add-json-
> support-wso2-wsas/. Is it still valid to AS 5.3.0? workable for my
> requirement?
>
>
>
> Thanks, Wenxing
>
>
>
> *From:* Dev [mailto:dev-boun...@wso2.org] *On Behalf Of *wenxzhen
> *Sent:* Tuesday, September 13, 2016 10:58 PM
> *To:* 'KasunG Gajasinghe'
>
> *Cc:* 'WSO2 Developers' List'
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Sorry, I didn’t quite get it. Does it mean that we have to use a formatter
> to do the conversion from JSON to XML, and then from XML to JSON back to
> browser client?
>
>
>
> *From:* KasunG Gajasinghe [mailto:kas...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 9:29 PM
> *To:* wenxzhen
> *Cc:* Thusitha Thilina Dayaratne; WSO2 Developers' List
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
>
>
>
>
> On Tue, Sep 13, 2016 at 5:51 PM, wenxzhen  wrote:
>
> The CarbonTomcatRealm is good to do the Authentication, sorry to miss that
> the Applications need to create their own Users, Roles and etc. Therefore
> we do need a Service endpoint for User Management or we need to provide a
> common library.
>
>
>
> Furthermore, the Client Web applications provides the JSON messages in
> HTTP/HTTPs to AS, How to workaround this requirement?
>
>
>
>
>
> I've used the AuthenticationAdmin with XML. See the following curl
> request. I figured out the message format by looking at the 'login'
> operation of the WSDL [3].
>
>
>
> curl -vk *https://localhost:9443/services/AuthenticationAdmin/login
> <https://localhost:9443/services/AuthenticationAdmin/login>* -d 
> "* xmlns:ns='http://authentication.services.core.carbon.wso2.org
> <http://authentication.services.core.carbon.wso2.org>'>adminadmin*"
> --header 'Content-Type: application/xml'
>
>
>
> User management can be done with UserAdmin service which is mentioned in
> the same link I sent before.
>
>
>
> [3] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/
> org.wso2.carbon.authenticator.proxy/src/main/resources/
> AuthenticationAdmin.wsdl#L192
>
>
>
>
>
> Thanks, Wenxing
>
>
>
> *From:* KasunG Gajasinghe [mailto:kas...@wso2.com]
> *Sent:* Tuesday, September 13, 2016 7:59 PM
> *To:* wenxzhen
> *Cc:* Thusitha Thilina Dayaratne; WSO2 Developers' List
>
>
> *Subject:* Re: [Dev] About the runtime architecture of WSO2 Application
> Server
>
>
>
> Hi wenxzhen,
>
>
>
> User management is one of the strong suites of the WSO2 platform. For web
> applications, a Tomcat realm called CarbonTomcatRealm [1] is provided that
> can authenticate web applications. This transparently works with web.xml
> security-constraints for "container managed security" of Tomcat.
>
>
>
> But if you do require a more flexible way to handle authentication and
> authorization, then you can use the *AuthenticationAdmin* endpoint. This
> is not a REST API though, it is based on SOAP. Checkout the doc [2] for
> more info on this. If you are interested in this route, we can discuss how
> to workaround the SOAP requirements though!
>
>
>
>
>
> [1] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/
> org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/
> tomcat/ext/realms/CarbonTomcatRealm.java
>
>
>
> [2] https://docs.wso2.com/display/AM170/WSO2+Admin+Services
>
>
>
> Regards,
>
> KasunG
>
>
>
> On Tue, Sep 13, 2016 at 5:09 PM, wenxzhen  wrote:
>
> Yes, in some extent, we need to use the SSO but we need more:
>
> 1. We have App1 for CustomerA
>
> 2. We have another App2 for CustomerB
>
> 3. Both App1 and App2 are Web applications running on WSO2 AS,
> and both Apps needs to do the authorization and authentication
>
> 4. What would be the best practice to re-use the codes? I am
> thinking to wrap the User Management into a REST/JSON API, so that both
> App1 and App2 can access and JSON would be much more light weight
>
>
>
> Please kindly advice
>
> Thanks, Wenxing
>
>
>
> *From:* Thusitha Thilina Dayaratne [mailto:thusit...@wso2.com]
> *Sent:* Tuesday, September 13,