Authorization for a Multi-Cloud System

This is a project design I am currently working on to consume SPIFFE(Secure Production Identity Framework For Everyone) bootstrapped trust and identification to provide authorization in a dynamically scaling, heterogeneous system, inspired by Mr. Prabath Siriwardena from WSO2 and under the supervision of Prof. Gihan Dias from University of Moratuwa. An enterprise system running across multiple clouds, as in the hybrid cloud, is an obvious example that will be benefitted from this. The objective is to open doors for the SPIFFE standard based systems to co-exist with rest of the systems with minimal effort, without compromising on security aspects while having an authorization solution based on SPIFFE.
What is SPIFFE? In brief, it is a trust bootstrapping and identification framework, submitted as a standard and accepted by CNCF(Cloud Native Computing Foundation)[1]. As of now, this standard has two main implementations as SPIRE and Istio[2], a platform that supports service mesh archit…

Writing Axis2 Custom Deployers - hot deployment - WSO2 Carbon Products

Custom deployers is a concept introduced to Axis2 to increase it's flexibility and enhance the dynamic nature. With this article on Axis2 Custom Deployers, it's originator himself explains it's background and procedure in details. With this post, I'll just share the steps I followed in using this feature.
  • Following is the basic structure of a custom deployer. There needs to be a class that has implemented 'org.apache.axis2.deployment.Deployer' interface and a component.xml file that carries some required properties for the deployer.
  • Following is the basic structure of a CustomDeployer class.
public class CustomDeployer extends AbstractDeployer {

    private static Log log = LogFactory.getLog(CustomDeployer.class);
    private File userMgtConfigFile;
    private RealmConfigXMLProcessor realmConfigXMLProcessor = new RealmConfigXMLProcessor();

    public void init(ConfigurationContext configurationContext) {
        // Here goes all the initialization code.

    public void deploy(DeploymentFileData deploymentFileData) throws DeploymentException {
        File file = deploymentFileData.getFile();
        // Here goes the processing code need to process the file

    public void setDirectory(String s) {
        // if we need to know the subdirectory that the deployer has registered

    public void setExtension(String s) {
        //extension of the file that the deployer has registered
When there is a file addition in the subdirectory that we are interested in (file extension that the deployer has registered with) 'deploy' method is called. When a file is deleted 'undeploy' method is called. When a modification is done both the methods will be called accordingly. Directory and extension of the files to be deployed can be set by the relevant methods.
  • Following is a sample component.xml file written for a WSO2 Carbon product.
<component xmlns="">
  • Finally in the pom.xml(of Maven module) we should define the deployer as follows,
  •  We are done now. Finally one more thing worth to note is, we can enable hot update by setting 'true' for the parameter 'hotupdate' in axis2.xml. With this if we add a file of the given extension in the directory, the file will be get deployed at the moment itself.



  1. Customized application is simpler to use. This is because it performs the way you want it to.

  2. I like the helpful information you provide in your articles.
    I'll bookmark your weblog and check again here regularly. I'm quite certain I will learn many new stuff right here!
    Good luck for the next!

    Feel free to surf to my page - opana 40 mg

  3. This is really informative post and I personally would like to appreciate the efforts. We are also dealing in same industry hence found this informative to add in our process also. Once again thanks for your post.

  4. This comment has been removed by a blog administrator.

  5. This comment has been removed by a blog administrator.


Post a Comment

Popular posts from this blog

Signing SOAP Messages - Generation of Enveloped XML Signatures

How to send an HTML email in Java (Using Google SMTP Server)

How to convert WSDL to Java