airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Supun Nakandala <supun.nakand...@gmail.com>
Subject Re: [GSoC] Status Update
Date Thu, 03 Jul 2014 16:32:48 GMT
Hi All,

Can I get a port open in gw26.iu.xsede.org (149.165.228.218) to run the
proxy user API. currently WSO2 IS is running in port 7443

Thanks,
Supun


On Wed, Jul 2, 2014 at 11:57 PM, Marlon Pierce <marpierc@iu.edu> wrote:

> Hi Supun, this is fine with me if it helps David. In general you should
> break your work up into workable segments. From my quick look, this seems
> like a good segment.
>
> Marlon
>
>
> On 7/2/14, 2:22 PM, Reagan, David Michael wrote:
>
>> If roles are not currently in the user API, then I don’t need it yet. But
>> please let me know as soon as roles are ready.
>>
>> I imagine it is OK to use the same server as wso2, but I’m not really in
>> a position to know. Perhaps someone else can comment?
>>
>> Dave
>>
>> From: Supun Nakandala [mailto:supun.nakandala@gmail.com]
>> Sent: Wednesday, July 02, 2014 2:09 PM
>> To: dev@airavata.apache.org
>> Subject: Re: [GSoC] Status Update
>>
>> There is a requirement of incorporating roles and permissions
>> functionality to the user API. Currently I am working on it. But until then
>> if we want we can go for a deployment of the current version of the server
>> and get the PHP Reference Gateway work with user API. I can deploy it in
>> the same server where wso2 IS is deployed. Is it okay to do so?
>>
>> On Wed, Jul 2, 2014 at 11:24 PM, Reagan, David Michael <dmreagan@iu.edu
>> <mailto:dmreagan@iu.edu>> wrote:
>> OK, thanks. When do you expect a public deployment?
>>
>> From: Supun Nakandala [mailto:supun.nakandala@gmail.com<mailto:
>> supun.nakandala@gmail.com>]
>>
>> Sent: Wednesday, July 02, 2014 1:14 PM
>> To: dev@airavata.apache.org<mailto:dev@airavata.apache.org>
>>
>>
>> Subject: Re: [GSoC] Status Update
>>
>> Hi Dave,
>>
>> You cannot use the API because it is not deployed publicly yet. You can
>> get the code from [1] and run the server locally and test the API. I have
>> not yet added the configuration files. It will take default localhost as
>> the server.
>>
>> Supun
>>
>> [1] - https://github.com/scnakandala/airavata-userapi/tree/master/userapi
>>
>> On Wed, Jul 2, 2014 at 10:39 PM, Reagan, David Michael <dmreagan@iu.edu
>> <mailto:dmreagan@iu.edu>> wrote:
>> Hey, Supun. I’m trying to use the new user API, but I’m getting an
>> exception with the following message:
>>
>> “TSocket: Could not connect to localhost:8932 (No connection could be
>> made because the target machine actively refused it. [10061])”
>>
>> It looks like this is coming from UserAPIClientFactory.php, where the
>> default host is localhost. I see that the default is being used because
>> when the factory is created in userapi_utilities.php, it is being passed an
>> empty array as input. What should the values in that input array be, and
>> where should they be defined in a config file somewhere?
>>
>>
>> Thanks,
>> Dave
>>
>>
>>
>> From: Amila Jayasekara [mailto:thejaka.amila@gmail.com<mailto:
>> thejaka.amila@gmail.com>]
>>
>> Sent: Monday, June 30, 2014 3:38 AM
>> To: dev
>> Subject: Re: [GSoC] Status Update
>>
>> Hi Supun,
>>
>> Very good progress. Please see some inline comments.
>>
>> On Sun, Jun 29, 2014 at 2:01 PM, Supun Nakandala <
>> supun.nakandala@gmail.com<mailto:supun.nakandala@gmail.com>> wrote:
>> Hi all,
>>
>> Based on the feedback received I extended the proxy user API. The thrift
>> descriptors can be found at [1]. Also I incorporated the proxy API with PHP
>> Reference Gateway (PHPRG) and tested it locally.
>>
>> Now PHPRG can support a more comprehensive user creation process using
>> the proxy API. It supports first name, last name, email, organization,
>> address, country, telephone, mobile, im, url while the bold ones are
>> mandatory and others are optional fields. [create_account_1.png,
>> create_account_1.png]
>>
>> The tenant admin (gateway admin) who can log in to the wso2 IS can view
>> the users list and their profiles.[wso2_is_user_profile_1.png,
>> wso2_is_user_profile_2.png]
>>
>> The logged in user can also click on his username and change his password
>> and update his profile. [update_password.png, update_user_profile.png].
>>
>> I have issues related to securing the communication between the gateway
>> and the proxy user api as thrift is not supporting SSL for some programming
>> languages including php(at least for now). What I am planning to do is to
>> use PKI encryption when sending password information and to use short lived
>> encrypted tokens during communication to avoid replay attacks.
>>
>> Generally it needs significant effort to come up with a both secure and
>> an efficient security protocol. Even SSL uses symmetric key after initial
>> handshake (after exchanging symmetric key). Therefore it would be great if
>> you could use an existing PHP SSL library such as [2], instead of PKI
>> encrypted passwords. I dont know how much effort is needed to incorporate
>> such implementation to thrift layer. But I do believe this is something
>> people have already done.
>>
>> [2] http://www.php.net/manual/en/book.openssl.php
>>
>> Thanks
>> -Thejaka Amila
>>
>>
>> Thank you
>> Supun
>>
>> [1] - https://github.com/scnakandala/airavata-userapi/
>> blob/master/userapi/thrift-interface-descriptors/userAPI.thrift
>>
>>
>>
>>
>>
>>
>> --
>> Thank you
>> Supun Nakandala
>> Dept. Computer Science and Engineering
>> University of Moratuwa
>>
>>
>>
>> --
>> Thank you
>> Supun Nakandala
>> Dept. Computer Science and Engineering
>> University of Moratuwa
>>
>
>


-- 
Thank you
Supun Nakandala
Dept. Computer Science and Engineering
University of Moratuwa

Mime
View raw message