airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Supun Nakandala <supun.nakand...@gmail.com>
Subject [GSoC] Status Update
Date Sun, 29 Jun 2014 18:01:07 GMT
Hi all,

Based on the feedback received I extended the proxy user API. The thrift
descriptors can be found at [1]. Also I incorporated the proxy API with PHP
Reference Gateway (PHPRG) and tested it locally.

Now PHPRG can support a more comprehensive user creation process using the
proxy API. It supports *first name, last name, email*, organization,
address, country, telephone, mobile, im, url while the bold ones are
mandatory and others are optional fields. [create_account_1.png,
create_account_1.png]

The tenant admin (gateway admin) who can log in to the wso2 IS can view the
users list and their profiles.[wso2_is_user_profile_1.png,
wso2_is_user_profile_2.png]

 The logged in user can also click on his username and change his password
and update his profile. [update_password.png, update_user_profile.png].

I have issues related to securing the communication between the gateway and
the proxy user api as thrift is not supporting SSL for some programming
languages including php(at least for now). What I am planning to do is to
use PKI encryption when sending password information and to use short lived
encrypted tokens during communication to avoid replay attacks.

Thank you
Supun

[1] -
https://github.com/scnakandala/airavata-userapi/blob/master/userapi/thrift-interface-descriptors/userAPI.thrift

Mime
View raw message