synapse-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Udayanga Wickramasinghe <mastershield2...@gmail.com>
Subject Re: Introducing transport level (HTTPs etc.) access restriction to APIs
Date Fri, 28 Jun 2013 14:06:14 GMT
Hi,
This would work ok but i think there is a slight problem. Each time
a message is received by a non-allowed transport of an API , it will arrive
until the synapse mediation layer and will endup in the 'main' sequence
(because respective API has rejected it) . Because such request is intended
for a proper API ( But just not passing through allowed transport channel)
user might not want it to go through the 'main' sequence.  Hence you may
need to handle 'dropping' off the message gracefully from the API .
However APIs are not Axis services ,therefore i think this runtime checking
is not as effective as using AxisService#setExposedTransports method (used
in ProxyServices)...

Regards
Udayanga



On Fri, Jun 28, 2013 at 5:18 AM, Ruwan Yatawara <ruwany@wso2.com> wrote:

> Hi All,
>
> We have a requirement to introduce access restrictions to APIs based
> transport type. As it is done for proxy services, we wish to introduce a
> "transport" attribute based on which, access to the API will be deflected
> or approved.
>
> From what i observed, we may introduce a condition in canProcess() method
> of API class, to validate the inTransport of message context against the
> configured list of transports. But is it the correct way to achieve this?
>
> Pls. find attached sample API xml.
>
> Your advise on this regard would be highly appreciated.
>
>
>
> Thanks and Regards,
>
> Ruwan Yatawara
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
> For additional commands, e-mail: dev-help@synapse.apache.org
>



-- 
http://www.udayangawiki.blogspot.com

Mime
View raw message