airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Jayasekara <>
Subject Re: Should we use PasswordCallBack when creating server side classes
Date Thu, 22 Nov 2012 18:05:06 GMT
Hi Chathuri,

Some answers in-line. In summary password callback should be used only
in the client side. This provides a way to get password in a way
client preferred.

E.g :- In XBaya like GUI clients need to get password from UI. So
PasswordCallback provides a mechanism to implement these scenarios.

We do not need password callback in server side. It seems the
complication is due to use of same AiravataAPI in server side. As per
what I understood Airavata API should be used in client side only. I
am not quite sure why we are using AiravataAPI at GFac level. Thus
server side components such as GFac should not use user passwords.

Maybe Lahiru or Saminda can give more details about why we use
AiravataAPI at other server side components.If AiravataAPI is
necessary for other server side components such as GFac, probably we
should create another abstraction of AiravataAPI without password


On Thu, Nov 22, 2012 at 12:40 PM, Chathuri Wimalasena
<> wrote:
> Hi All,
> In the process of replacing registry calls of XBaya with AiravataClient, we
> had to change some classes in GFac and workflow interpreter services which
> are instantiated from Xbaya. What we did was, we replace AiravataRegistry2
> object with AiravataAPI object in those classes. For an example, have a
> look in to GFacConfiguration class.
> To create the AiravataAPI class, we need to pass registryURL, gateway,
> username and passwordCallback object. This PasswordCallback is a client
> specific implementation of PasswordCallBack interface. Same
> PasswordCallback object is necessary when creating AiravataRegistry2 object
> as well. IMO, we should not use PasswordCallback instance in the server
> side classes.

I agree with you. We should not use Password callback in server side.

> Any idea how we can overcome that limitation ?

I think to solve this first we need to figure out why we use
AiravataAPI in server side components. Above i wrote some thoughts.

> Thanks and Regards,
> Chathuri

View raw message