On Thu, Jan 27, 2011 at 1:18 PM, Indika Kumara <[email protected]> wrote:
> Hi Dimuthu, > > Since, it is needed to consider security in this case, It would be great > if you or some one from security team can implement a proper solution. And, > once It is done, could you please let me know? > > Issue related to this requirement > (CARBON-8549<https://wso2.org/jira/browse/CARBON-8549>) was resolved by adding the required method without tenantId as a parameter. (r 86627) Thanks a lot DimuthuL for the guidance and help on resolving this. Thanks, Hasini. > Thanks, > > Indika > > > On Thu, Jan 27, 2011 at 1:27 PM, Dimuthu Leelarathne <[email protected]>wrote: > >> Hi, >> >> In that case we will have to implement a admin service with a method to >> retrieve the tenantId given the domain name. Only super tenant admins should >> be authorized to call this method. >> >> We can create a new admin service or add a method to an existing admin >> service. (maybe org.wso2.carbon.user.mgt.UserAdmin or another appropriate >> admin service). >> >> Thanks, >> Dimuthu >> >> >> On Thu, Jan 27, 2011 at 12:35 PM, Indika Kumara <[email protected]> wrote: >> >>> Hi Dimuthu, >>> >>> What would be the best solution if the code invoke >>> 'WSRealmBuilder.createWSRealm' does not have access to carbon locally? >>> >>> First I want to log-in and then do authorization ... please correct if I >>> am doing wrong >>> ................. >>> >>> AuthenticationAdminStub authenticationAdmin = new >>> AuthenticationAdminStub(SERVER_URL + >>> "AuthenticationAdmin"); >>> boolean logged = authenticationAdmin.login(username, >>> password, serverURL); >>> ............................. >>> String cookie = (String) configurationContext.getProperty( >>> HTTPConstants.COOKIE_STRING); >>> Map<String, String> realmProperties = new HashMap<String, >>> String>(); >>> realmProperties.put(WSRemoteUserMgtConstants.SERVER_URL, >>> SERVER_URL); >>> realmProperties.put(WSRemoteUserMgtConstants.COOKIE_STRING, >>> cookie); >>> UserRealm realm = >>> WSRealmBuilder.createWSRealm(realmProperties, configurationContext, >>> tenantID); /// Here I do not have access to ' tenantID'. - need a >>> solution >>> . ................ >>> >>> AuthorizationManager authorizationManager = >>> userRealm.getAuthorizationManager(); >>> >>> authorizationManager.authorizeUser(username, resourcePath, >>> "write"); >>> .......................... >>> >>> Thanks, >>> >>> Indika >>> >>> >>> On Thu, Jan 27, 2011 at 12:52 PM, Dimuthu Leelarathne <[email protected] >>> > wrote: >>> >>>> Hi, >>>> >>>> Architecturally users can use Email address as their login in Cloud, so >>>> it is wrong to do a split at the sign "@" to get tenant domain. >>>> >>>> 1) First get the tenant domain using this method. >>>> >>>> UserCoreUtil.getTenantDomain(RealmService realmService, String username) >>>> >>>> 2) Then get the tenantId using this method in >>>> org.wso2.carbon.user.core.service.RealmService >>>> >>>> realmService.getTenantManager().getTenantId(String domain) >>>> >>>> >>>> Thank you, >>>> Dimuthu >>>> >>>> On Thu, Jan 27, 2011 at 11:53 AM, Indika Kumara <[email protected]>wrote: >>>> >>>>> Hi All, >>>>> >>>>> I have to use WSRealmBuilder. However, I do not have access to the >>>>> 'tenantId' but do have the tenant domain or username@tenant domain. >>>>> (This is realted to the email @ carbon dev - 'Is there a way to get the >>>>> 'tenantId' of a particular user by using a remote call ') >>>>> >>>>> Could I get a change in the following method or adding a new method - >>>>> just need to give tenant domain instead of 'tenantID'. >>>>> >>>>> WSRealmBuilder.createWSRealm(realmProperties, configurationContext, >>>>> tenantID) >>>>> >>>>> Thanks, >>>>> >>>>> Indika >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
