You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@airavata.apache.org by "Hasini Gunasinghe (JIRA)" <ji...@apache.org> on 2015/05/25 05:34:17 UTC
[jira] [Commented] (AIRAVATA-1624) [GSoC] Securing Airavata API
[ https://issues.apache.org/jira/browse/AIRAVATA-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14557944#comment-14557944 ]
Hasini Gunasinghe commented on AIRAVATA-1624:
---------------------------------------------
Hi Suresh and Airavata team,
This is to provide an update about the work done so far for the sprint 1 of the GSoC project.
I sent a pull request from the forked repo on which I did the modifications to the Airavata code. Please let me know if you have not received it.
Please find more details about the work on the first week of the sprint 1, how to run the implemented PoC and the associated sample, remaining work on sprint 1 and planned tasks for sprint 2 at the wiki page: https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1
I would appreciate your feedback.
Thanks,
Hasini.
> [GSoC] Securing Airavata API
> ----------------------------
>
> Key: AIRAVATA-1624
> URL: https://issues.apache.org/jira/browse/AIRAVATA-1624
> Project: Airavata
> Issue Type: New Feature
> Components: Airavata API
> Reporter: Suresh Marru
> Labels: gsoc, gsoc2015, mentor
> Fix For: WISHLIST
>
> Attachments: Securing_ARAVATA_API_V1.pdf
>
>
> Apache Airavata uses Thrift based API's for external facing API's and for system internal CPI's. The API's need to be secured adding authentication and authorization capabilities.
> The Authentication need to ensure only approved users/clients can communicate. Similarly clients should only interact with valid servers.
> Authorization need to be enforced to ensure only users with specific roles can appropriately access specific API's. As an example, administrative roles should be able see all the users experiments where as end users can only see his/her data and not access other information (unless explicitly shared).
> Earlier GSoC project focused on this topic has relavent discussion.
> https://cwiki.apache.org/confluence/display/AIRAVATA/GSoC+2014+-+Add+Security+capabilities+to+Airavata+Thrift+services+and+clients
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Re: [jira] [Commented] (AIRAVATA-1624) [GSoC] Securing Airavata API
Posted by Hasini Gunasinghe <ha...@gmail.com>.
Hi Amila,
Sure, I am happy to do the demo and would appreciate a lot your feedback.
Thanks & Best Regards,
Hasini.
On Tue, Jun 2, 2015 at 11:42 AM, Amila Jayasekara <th...@gmail.com>
wrote:
> Hi Hasini,
>
> Demo is mainly to discuss the progress and exchange feedback and to be
> honest I dont think I have time to follow instructions and set it up due to
> several reasons. (Pretty outdated with Airavata and busy with personal life
> and lab work)
>
> @Suresh : Could you please arrange a time for the discussion ?
>
> Thanks
> -Thejaka
>
> On Fri, May 29, 2015 at 9:12 PM, Hasini Gunasinghe <ha...@gmail.com>
> wrote:
>
>> Hi Amila,
>>
>> Sure, I can a demo. Can you please let me know what time is convenient
>> for you?
>> I have provided the instructions on running the sample at
>> https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1, but of
>> course, I am happy to do a demo too so that we can discuss any feedback.
>>
>> Thanks & Best Regards,
>> Hasini.
>>
>> On Thu, May 28, 2015 at 1:50 PM, Amila Jayasekara <
>> thejaka.amila@gmail.com> wrote:
>>
>>> Hi Hasini,
>>>
>>> Would it be possible for you to do a demo on this ?
>>>
>>> Thanks
>>> -Thejaka
>>>
>>> On Sun, May 24, 2015 at 11:34 PM, Hasini Gunasinghe (JIRA) <
>>> jira@apache.org> wrote:
>>>
>>>>
>>>> [
>>>> https://issues.apache.org/jira/browse/AIRAVATA-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14557944#comment-14557944
>>>> ]
>>>>
>>>> Hasini Gunasinghe commented on AIRAVATA-1624:
>>>> ---------------------------------------------
>>>>
>>>> Hi Suresh and Airavata team,
>>>>
>>>> This is to provide an update about the work done so far for the sprint
>>>> 1 of the GSoC project.
>>>> I sent a pull request from the forked repo on which I did the
>>>> modifications to the Airavata code. Please let me know if you have not
>>>> received it.
>>>> Please find more details about the work on the first week of the sprint
>>>> 1, how to run the implemented PoC and the associated sample, remaining work
>>>> on sprint 1 and planned tasks for sprint 2 at the wiki page:
>>>> https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1
>>>>
>>>> I would appreciate your feedback.
>>>>
>>>> Thanks,
>>>> Hasini.
>>>>
>>>> > [GSoC] Securing Airavata API
>>>> > ----------------------------
>>>> >
>>>> > Key: AIRAVATA-1624
>>>> > URL:
>>>> https://issues.apache.org/jira/browse/AIRAVATA-1624
>>>> > Project: Airavata
>>>> > Issue Type: New Feature
>>>> > Components: Airavata API
>>>> > Reporter: Suresh Marru
>>>> > Labels: gsoc, gsoc2015, mentor
>>>> > Fix For: WISHLIST
>>>> >
>>>> > Attachments: Securing_ARAVATA_API_V1.pdf
>>>> >
>>>> >
>>>> > Apache Airavata uses Thrift based API's for external facing API's and
>>>> for system internal CPI's. The API's need to be secured adding
>>>> authentication and authorization capabilities.
>>>> > The Authentication need to ensure only approved users/clients can
>>>> communicate. Similarly clients should only interact with valid servers.
>>>> > Authorization need to be enforced to ensure only users with specific
>>>> roles can appropriately access specific API's. As an example,
>>>> administrative roles should be able see all the users experiments where as
>>>> end users can only see his/her data and not access other information
>>>> (unless explicitly shared).
>>>> > Earlier GSoC project focused on this topic has relavent discussion.
>>>> >
>>>> https://cwiki.apache.org/confluence/display/AIRAVATA/GSoC+2014+-+Add+Security+capabilities+to+Airavata+Thrift+services+and+clients
>>>>
>>>>
>>>>
>>>> --
>>>> This message was sent by Atlassian JIRA
>>>> (v6.3.4#6332)
>>>>
>>>
>>>
>>
>
Re: [jira] [Commented] (AIRAVATA-1624) [GSoC] Securing Airavata API
Posted by Amila Jayasekara <th...@gmail.com>.
Hi Hasini,
Demo is mainly to discuss the progress and exchange feedback and to be
honest I dont think I have time to follow instructions and set it up due to
several reasons. (Pretty outdated with Airavata and busy with personal life
and lab work)
@Suresh : Could you please arrange a time for the discussion ?
Thanks
-Thejaka
On Fri, May 29, 2015 at 9:12 PM, Hasini Gunasinghe <ha...@gmail.com>
wrote:
> Hi Amila,
>
> Sure, I can a demo. Can you please let me know what time is convenient for
> you?
> I have provided the instructions on running the sample at
> https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1, but of
> course, I am happy to do a demo too so that we can discuss any feedback.
>
> Thanks & Best Regards,
> Hasini.
>
> On Thu, May 28, 2015 at 1:50 PM, Amila Jayasekara <thejaka.amila@gmail.com
> > wrote:
>
>> Hi Hasini,
>>
>> Would it be possible for you to do a demo on this ?
>>
>> Thanks
>> -Thejaka
>>
>> On Sun, May 24, 2015 at 11:34 PM, Hasini Gunasinghe (JIRA) <
>> jira@apache.org> wrote:
>>
>>>
>>> [
>>> https://issues.apache.org/jira/browse/AIRAVATA-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14557944#comment-14557944
>>> ]
>>>
>>> Hasini Gunasinghe commented on AIRAVATA-1624:
>>> ---------------------------------------------
>>>
>>> Hi Suresh and Airavata team,
>>>
>>> This is to provide an update about the work done so far for the sprint 1
>>> of the GSoC project.
>>> I sent a pull request from the forked repo on which I did the
>>> modifications to the Airavata code. Please let me know if you have not
>>> received it.
>>> Please find more details about the work on the first week of the sprint
>>> 1, how to run the implemented PoC and the associated sample, remaining work
>>> on sprint 1 and planned tasks for sprint 2 at the wiki page:
>>> https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1
>>>
>>> I would appreciate your feedback.
>>>
>>> Thanks,
>>> Hasini.
>>>
>>> > [GSoC] Securing Airavata API
>>> > ----------------------------
>>> >
>>> > Key: AIRAVATA-1624
>>> > URL:
>>> https://issues.apache.org/jira/browse/AIRAVATA-1624
>>> > Project: Airavata
>>> > Issue Type: New Feature
>>> > Components: Airavata API
>>> > Reporter: Suresh Marru
>>> > Labels: gsoc, gsoc2015, mentor
>>> > Fix For: WISHLIST
>>> >
>>> > Attachments: Securing_ARAVATA_API_V1.pdf
>>> >
>>> >
>>> > Apache Airavata uses Thrift based API's for external facing API's and
>>> for system internal CPI's. The API's need to be secured adding
>>> authentication and authorization capabilities.
>>> > The Authentication need to ensure only approved users/clients can
>>> communicate. Similarly clients should only interact with valid servers.
>>> > Authorization need to be enforced to ensure only users with specific
>>> roles can appropriately access specific API's. As an example,
>>> administrative roles should be able see all the users experiments where as
>>> end users can only see his/her data and not access other information
>>> (unless explicitly shared).
>>> > Earlier GSoC project focused on this topic has relavent discussion.
>>> >
>>> https://cwiki.apache.org/confluence/display/AIRAVATA/GSoC+2014+-+Add+Security+capabilities+to+Airavata+Thrift+services+and+clients
>>>
>>>
>>>
>>> --
>>> This message was sent by Atlassian JIRA
>>> (v6.3.4#6332)
>>>
>>
>>
>
Re: [jira] [Commented] (AIRAVATA-1624) [GSoC] Securing Airavata API
Posted by Hasini Gunasinghe <ha...@gmail.com>.
Hi Amila,
Sure, I can a demo. Can you please let me know what time is convenient for
you?
I have provided the instructions on running the sample at
https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1, but of
course, I am happy to do a demo too so that we can discuss any feedback.
Thanks & Best Regards,
Hasini.
On Thu, May 28, 2015 at 1:50 PM, Amila Jayasekara <th...@gmail.com>
wrote:
> Hi Hasini,
>
> Would it be possible for you to do a demo on this ?
>
> Thanks
> -Thejaka
>
> On Sun, May 24, 2015 at 11:34 PM, Hasini Gunasinghe (JIRA) <
> jira@apache.org> wrote:
>
>>
>> [
>> https://issues.apache.org/jira/browse/AIRAVATA-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14557944#comment-14557944
>> ]
>>
>> Hasini Gunasinghe commented on AIRAVATA-1624:
>> ---------------------------------------------
>>
>> Hi Suresh and Airavata team,
>>
>> This is to provide an update about the work done so far for the sprint 1
>> of the GSoC project.
>> I sent a pull request from the forked repo on which I did the
>> modifications to the Airavata code. Please let me know if you have not
>> received it.
>> Please find more details about the work on the first week of the sprint
>> 1, how to run the implemented PoC and the associated sample, remaining work
>> on sprint 1 and planned tasks for sprint 2 at the wiki page:
>> https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1
>>
>> I would appreciate your feedback.
>>
>> Thanks,
>> Hasini.
>>
>> > [GSoC] Securing Airavata API
>> > ----------------------------
>> >
>> > Key: AIRAVATA-1624
>> > URL:
>> https://issues.apache.org/jira/browse/AIRAVATA-1624
>> > Project: Airavata
>> > Issue Type: New Feature
>> > Components: Airavata API
>> > Reporter: Suresh Marru
>> > Labels: gsoc, gsoc2015, mentor
>> > Fix For: WISHLIST
>> >
>> > Attachments: Securing_ARAVATA_API_V1.pdf
>> >
>> >
>> > Apache Airavata uses Thrift based API's for external facing API's and
>> for system internal CPI's. The API's need to be secured adding
>> authentication and authorization capabilities.
>> > The Authentication need to ensure only approved users/clients can
>> communicate. Similarly clients should only interact with valid servers.
>> > Authorization need to be enforced to ensure only users with specific
>> roles can appropriately access specific API's. As an example,
>> administrative roles should be able see all the users experiments where as
>> end users can only see his/her data and not access other information
>> (unless explicitly shared).
>> > Earlier GSoC project focused on this topic has relavent discussion.
>> >
>> https://cwiki.apache.org/confluence/display/AIRAVATA/GSoC+2014+-+Add+Security+capabilities+to+Airavata+Thrift+services+and+clients
>>
>>
>>
>> --
>> This message was sent by Atlassian JIRA
>> (v6.3.4#6332)
>>
>
>
Re: [jira] [Commented] (AIRAVATA-1624) [GSoC] Securing Airavata API
Posted by Amila Jayasekara <th...@gmail.com>.
Hi Hasini,
Would it be possible for you to do a demo on this ?
Thanks
-Thejaka
On Sun, May 24, 2015 at 11:34 PM, Hasini Gunasinghe (JIRA) <ji...@apache.org>
wrote:
>
> [
> https://issues.apache.org/jira/browse/AIRAVATA-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14557944#comment-14557944
> ]
>
> Hasini Gunasinghe commented on AIRAVATA-1624:
> ---------------------------------------------
>
> Hi Suresh and Airavata team,
>
> This is to provide an update about the work done so far for the sprint 1
> of the GSoC project.
> I sent a pull request from the forked repo on which I did the
> modifications to the Airavata code. Please let me know if you have not
> received it.
> Please find more details about the work on the first week of the sprint 1,
> how to run the implemented PoC and the associated sample, remaining work on
> sprint 1 and planned tasks for sprint 2 at the wiki page:
> https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1
>
> I would appreciate your feedback.
>
> Thanks,
> Hasini.
>
> > [GSoC] Securing Airavata API
> > ----------------------------
> >
> > Key: AIRAVATA-1624
> > URL: https://issues.apache.org/jira/browse/AIRAVATA-1624
> > Project: Airavata
> > Issue Type: New Feature
> > Components: Airavata API
> > Reporter: Suresh Marru
> > Labels: gsoc, gsoc2015, mentor
> > Fix For: WISHLIST
> >
> > Attachments: Securing_ARAVATA_API_V1.pdf
> >
> >
> > Apache Airavata uses Thrift based API's for external facing API's and
> for system internal CPI's. The API's need to be secured adding
> authentication and authorization capabilities.
> > The Authentication need to ensure only approved users/clients can
> communicate. Similarly clients should only interact with valid servers.
> > Authorization need to be enforced to ensure only users with specific
> roles can appropriately access specific API's. As an example,
> administrative roles should be able see all the users experiments where as
> end users can only see his/her data and not access other information
> (unless explicitly shared).
> > Earlier GSoC project focused on this topic has relavent discussion.
> >
> https://cwiki.apache.org/confluence/display/AIRAVATA/GSoC+2014+-+Add+Security+capabilities+to+Airavata+Thrift+services+and+clients
>
>
>
> --
> This message was sent by Atlassian JIRA
> (v6.3.4#6332)
>