Hi, I am working on the $Subject. *Motivation:* I have a use case where i want to authorize users who are logged into API publisher/ store but APIM does not have the access to underline user store.
*Plan:* The plan is to write an osgi service that should do the Just In Time provisioning before the permission check to authorize the user. And it will get the roles from the SAML response and do the provisioning. But we will have to do the same role/permission mapping manually for now. If we write a generic service we can plug it into any wso2 product that need JIT provision initiated by the Service provider. However we need to maintain few configurations here. 1. isServiceProvierInitiatedJITProvisioningEnabled 2. User store to be provisioned 3. Implementation class (extension point) What could be the best place to maintain this configuration if the component is written as a generic component to any wso2 product? Thanks & Regards, Ishara Cooray Senior Software Engineer Mobile : +9477 262 9512 WSO2, Inc. | http://wso2.com/ Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
