airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Suresh Marru <>
Subject Re: Should we use PasswordCallBack when creating server side classes
Date Thu, 22 Nov 2012 19:33:59 GMT
Hi Amila,

I think this needs clean up. We should have Airavata Server API (which in the future should
be implemented by a Airavata Service API). GFac and other services should based on this server
API. But clients should have a light weight client api which should PasswordCallback as you
and Chathuri are discussing. 

Volunteers for fracturing the API into client and server functions? Saminda, naturally you
have the most insights into this, will you time to get to this before the next release?


On Nov 22, 2012, at 1:05 PM, Amila Jayasekara <> wrote:

> Hi Chathuri,
> Some answers in-line. In summary password callback should be used only
> in the client side. This provides a way to get password in a way
> client preferred.
> E.g :- In XBaya like GUI clients need to get password from UI. So
> PasswordCallback provides a mechanism to implement these scenarios.
> We do not need password callback in server side. It seems the
> complication is due to use of same AiravataAPI in server side. As per
> what I understood Airavata API should be used in client side only. I
> am not quite sure why we are using AiravataAPI at GFac level. Thus
> server side components such as GFac should not use user passwords.
> Maybe Lahiru or Saminda can give more details about why we use
> AiravataAPI at other server side components.If AiravataAPI is
> necessary for other server side components such as GFac, probably we
> should create another abstraction of AiravataAPI without password
> callback.
> Thanks
> Amila
> On Thu, Nov 22, 2012 at 12:40 PM, Chathuri Wimalasena
> <> wrote:
>> Hi All,
>> In the process of replacing registry calls of XBaya with AiravataClient, we
>> had to change some classes in GFac and workflow interpreter services which
>> are instantiated from Xbaya. What we did was, we replace AiravataRegistry2
>> object with AiravataAPI object in those classes. For an example, have a
>> look in to GFacConfiguration class.
>> To create the AiravataAPI class, we need to pass registryURL, gateway,
>> username and passwordCallback object. This PasswordCallback is a client
>> specific implementation of PasswordCallBack interface. Same
>> PasswordCallback object is necessary when creating AiravataRegistry2 object
>> as well. IMO, we should not use PasswordCallback instance in the server
>> side classes.
> I agree with you. We should not use Password callback in server side.
>> Any idea how we can overcome that limitation ?
> I think to solve this first we need to figure out why we use
> AiravataAPI in server side components. Above i wrote some thoughts.
>> Thanks and Regards,
>> Chathuri

View raw message