Changes between Version 2 and Version 3 of SecurityServices


Ignore:
Timestamp:
12/01/10 09:35:24 (10 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • SecurityServices

    v2 v3  
    11=== The Security Services Package === 
    22 
    3 The security services are currently the !AttributeAuthority (AA) and the !SessionManager (SM), and the latter exploits a !MyProxy database. The two outward facing services (AA and SM) have WSDL interfaces. These packages are shown in the adjacent diagram. [[Image(source:TI12-security/trunk/architecture/uml/securityServices.JPG)]] 
     3The security services are currently the !AttributeAuthority (AA) and the !SessionManager (SM), and the latter exploits a !MyProxy database. The two outward facing services (AA and SM) have WSDL interfaces. These packages are shown in the adjacent diagram. [[Image(source:TI12-security/trunk/NDGSecurity/architecture/uml/securityServices.JPG)]] 
    44 
    55Four significant items of work on the SecurityServices are expected under the auspices of DEWS: 
     
    1010  4. The services will be rewritten to be thread safe, and deployed in an appropriate service environment infrastructure to ensure contending service calls are dealt with efficiently. (Required for Scalability) 
    1111 
    12 [[Image(source:TI12-security/trunk/architecture/uml/Deployment Model.JPG)]] 
     12[[Image(source:TI12-security/trunk/NDGSecurity/architecture/uml/Deployment Model.JPG)]] 
    1313 
    1414Note that ideally the transition to WSDL+WS-Security and WS-!SecureConversation should be done  using third-party libraries to minimise coding within the project. The main (only?) candidate for this is to use [http://dsd.lbl.gov/gtg/projects/pyGridWare/ pyGridWare], however, we have significant reservations about the number of dependencies for this activity and we are also worried about the performance and future of the project. However, it is likely that some of the performance problems will be mitigated by the planned under the hood changes to ZSI XML parsing. We are also concerned that the resulting code should interact gracefully with the java client needed for application developers (discussed below). In practice this may mean the code has to be reverse engineered to work with the IBM-websphere integration of WSDL and WS-Security.