airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Supun Nakandala <supun.nakand...@gmail.com>
Subject Re: [GSoC] Status Update
Date Wed, 02 Jul 2014 17:13:58 GMT
Hi Dave,

You cannot use the API because it is not deployed publicly yet. You can get
the code from [1] and run the server locally and test the API. I have not
yet added the configuration files. It will take default localhost as the
server.

Supun

[1] - https://github.com/scnakandala/airavata-userapi/tree/master/userapi


On Wed, Jul 2, 2014 at 10:39 PM, Reagan, David Michael <dmreagan@iu.edu>
wrote:

>  Hey, Supun. I’m trying to use the new user API, but I’m getting an
> exception with the following message:
>
>
>
> “TSocket: Could not connect to localhost:8932 (No connection could be
> made because the target machine actively refused it. [10061])”
>
>
>
> It looks like this is coming from UserAPIClientFactory.php, where the
> default host is localhost. I see that the default is being used because
> when the factory is created in userapi_utilities.php, it is being passed an
> empty array as input. What should the values in that input array be, and
> where should they be defined in a config file somewhere?
>
>
>
>
>
> Thanks,
>
> Dave
>
>
>
>
>
>
>
> *From:* Amila Jayasekara [mailto:thejaka.amila@gmail.com]
> *Sent:* Monday, June 30, 2014 3:38 AM
> *To:* dev
> *Subject:* Re: [GSoC] Status Update
>
>
>
> Hi Supun,
>
>
>
> Very good progress. Please see some inline comments.
>
>
>
> On Sun, Jun 29, 2014 at 2:01 PM, Supun Nakandala <
> supun.nakandala@gmail.com> wrote:
>
>  Hi all,
>
>
>
> Based on the feedback received I extended the proxy user API. The thrift
> descriptors can be found at [1]. Also I incorporated the proxy API with PHP
> Reference Gateway (PHPRG) and tested it locally.
>
>
>
> Now PHPRG can support a more comprehensive user creation process using the
> proxy API. It supports *first name, last name, email*, organization,
> address, country, telephone, mobile, im, url while the bold ones are
> mandatory and others are optional fields. [create_account_1.png,
> create_account_1.png]
>
>
>
> The tenant admin (gateway admin) who can log in to the wso2 IS can view
> the users list and their profiles.[wso2_is_user_profile_1.png,
> wso2_is_user_profile_2.png]
>
>
>
> The logged in user can also click on his username and change his password
> and update his profile. [update_password.png, update_user_profile.png].
>
>
>
> I have issues related to securing the communication between the gateway
> and the proxy user api as thrift is not supporting SSL for some programming
> languages including php(at least for now). What I am planning to do is to
> use PKI encryption when sending password information and to use short lived
> encrypted tokens during communication to avoid replay attacks.
>
>
>
> Generally it needs significant effort to come up with a both secure and an
> efficient security protocol. Even SSL uses symmetric key after initial
> handshake (after exchanging symmetric key). Therefore it would be great if
> you could use an existing PHP SSL library such as [2], instead of PKI
> encrypted passwords. I dont know how much effort is needed to incorporate
> such implementation to thrift layer. But I do believe this is something
> people have already done.
>
>
>
> [2] http://www.php.net/manual/en/book.openssl.php
>
>
>
> Thanks
>
> -Thejaka Amila
>
>
>
>
>
> Thank you
>
> Supun
>
>
>
> [1] -
> https://github.com/scnakandala/airavata-userapi/blob/master/userapi/thrift-interface-descriptors/userAPI.thrift
>
>
>
>
>
>
>



-- 
Thank you
Supun Nakandala
Dept. Computer Science and Engineering
University of Moratuwa

Mime
View raw message