Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Application Specific Permissions in WOS2 IS

DZone's Guide to

Application Specific Permissions in WOS2 IS

· Integration Zone
Free Resource

Today’s data climate is fast-paced and it’s not slowing down. Here’s why your current integration solution is not enough. Brought to you in partnership with Liaison Technologies.

This is a new future coming in wso2 IS 4.7.0 where we can define application specific permissions. First create a service provider as below:

1. Start IS and login to WSO2 IS and navigate to 'home -> Manage -> Service Providers -> add'

image

2. As it added you can find new role. it is create for this service provider

image

3. Now we will edit service providers that we created to add Permissions. Go to 'Role/Permission Configuration'

4. Add new Permission for application and click ‘Update’

image

5. Now to check those permission is added. We will go to ‘permission tree’ at Home > Configure > Users and Roles > Roles > Permissions

image

Here I am browsing registry for application permissions

image 

Now we will try to authorized user for this resource from web services. ‘RemoteAuthorizationManagerService’[1]

6. Send request using SOAPUI

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ser="http://service.ws.um.carbon.wso2.org">
   <soap:Header/>
   <soap:Body>
      <ser:authorizeUser>
         <ser:userName>admin</ser:userName>
         <ser:resourceId>permission/application/MyServiceProvider/addAssert</ser:resourceId>
         <ser:action>ui.execute</ser:action>
      </ser:authorizeUser>
   </soap:Body>
</soap:Envelope>

image

Then verifies the Task, we will used ‘isUserAuthorized’

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ser="http://service.ws.um.carbon.wso2.org">
   <soap:Header/>
   <soap:Body>
      <ser:isUserAuthorized>
         <ser:userName>admin</ser:userName>
         <ser:resourceId>permission/application/MyServiceProvider/addAssert</ser:resourceId>
         <ser:action>ui.execute</ser:action>
      </ser:isUserAuthorized>
   </soap:Body>
</soap:Envelope>

image

Respond will come as true as it authorized.

[1] https://localhost:9443/services/RemoteAuthorizationManagerService?wsdl

Is iPaaS solving the right problems? Not knowing the fundamental difference between iPaaS and iPaaS+ could cost you down the road. Brought to you in partnership with Liaison Technologies.

Topics:

Published at DZone with permission of Madhuka Udantha, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}