Hi Luciano and Raymond, More layer means more impact on performance, with your two suggests, which one is better in performance term?
Best regards Binh, Nguyen Thanh Cell phone: (+84)982260622 From: Luciano Resende [mailto:[email protected]] Sent: Saturday, August 11, 2012 4:17 AM To: [email protected] Subject: Re: Need help on Big SCA Applications deployment strategy On Fri, Aug 10, 2012 at 1:46 PM, Raymond Feng <[email protected]> wrote: The other option is to protect Tuscany services using a framework like oAuth 2.0. Tuscany allows you to expose services to HTTP, such as json-rpc or REST to become web apis. Adding a security layer in front of the web apis should help. Agree, and oAuth would provide you a better granularity for what applications and users can do. But in this case, where everything seems to be in a intranet, he would still have to add some kind of firewall to prevent any access that is not being authorized/proxyied by the oAuth layer, otherwise internal machines could still try to access the services endpoints directly. -- Luciano Resende http://people.apache.org/~lresende http://twitter.com/lresende1975 http://lresende.blogspot.com/
