Hi!

As you said, I have to write a handler that extracts the bearer token
which is passed in the HTTP header with the request.

The header format will be similar to [Authorization: Bearer
wU62DjlyDBnq87GlBwplfqvmAbAa]. "wU62DjlyDBnq87GlBwplfqvmAbAa" is, as the
API Manager documentation says, the API key. The API key is generated from
the API Manager console when the user subscribes to the specific API. The
subscriber panel displays these values.

From the API Manager doc: "The generated keys, namely an access token, a
consumer key and a consumer secret".

My question is: when I make a call from a REST client, what value do I need
to pass in the HTTP header with the bearer token? Something like the API key,
which uniquely identifies the subscribed APIs; I want to pass some key that
uniquely identifies the user and enables CRUD operations on his
resources.

Please excuse me if I am misunderstanding. If so, let me know the right way!

Thanks!
Ragu






On Mon, Jan 14, 2013 at 1:56 PM, Prabath Siriwardena <[email protected]> wrote:

>
>
> On Sun, Jan 13, 2013 at 11:36 PM, Sriragu Arudsothy <[email protected]> wrote:
>
>> Hi Senaka!
>>
>> OAuth 2.0 provides 4 types of authentication grant. All four grant
>> types require the client id/client secret at least. The
>> OAuthTokenValidationService requires either client id/client secret or
>> username/pwd with client secret, depending on the OAuth grant type. If we
>> are able to pass the access token with REST calls then we are done.
>>
>
> You are acting as the resource server, so you need not worry about any
> of the grant types...
>
> Thanks & regards,
> -Prabath
>
>
>>
>> 1) I asked the IS guys over chat whether it is possible to generate the
>> access token with the user name/pwd. They do not have the answer for
>> that. They said there may be a way to create an access token through the
>> OAuthAdminService. Because in G-Reg, we have users with user credentials.
>> We don't have any concept called client ID/client secret.
>>
>> 2) When we request from the REST client we need to pass the user
>> credentials with the resource URI. The user is then authenticated and
>> access is carried out or denied. Therefore the OAuth access tokens are
>> valid for a short period. Therefore it is better to authenticate for each
>> and every request. This is the way I am thinking to proceed. Because I am
>> still unclear about the authentication using username/pwd with OAuth 2.0.
>>
>> WDYT?
>>
>>
>> http://blog.facilelogin.com/2012/08/wso2-oauth-20-playground-with-wso2.html
>>
>> http://blog.facilelogin.com/2012/06/oauth-20-integration-patterns-with.html
>>
>> The above links explain.
>>
>> Regards,
>> Ragu
>>
>>
>>
>>
>> On Sun, Jan 13, 2013 at 9:35 PM, Senaka Fernando <[email protected]> wrote:
>>
>>> Hi Ragu,
>>>
>>> While I'm unable to provide the best answer for #2 right away without
>>> doing some research into how OAuth 2.0 is implemented in our platform, for
>>> #1, you definitely can and must use the component and not IS for the REST
>>> API implementation in G-Reg. Also, please validate that the features that
>>> you will be using in the process include a minimum number of jars to
>>> provide the required OAuth 2.0 functionality.
>>>
>>> Thanks,
>>> Senaka.
>>>
>>> On Sun, Jan 13, 2013 at 8:44 AM, Sriragu Arudsothy <[email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> When invoking the REST calls to access the resources or
>>>> resource-related properties, the request has to be authenticated against
>>>> the user credentials using OAuth 2.0. It is a jax web app running on
>>>> G-Reg. Currently it works without the OAuth mechanism. I went through, to
>>>> some extent, how OAuth works on IS.
>>>>
>>>> 1) Is OAuth a component adaptable to G-Reg, or do I need to run the IS?
>>>>
>>>> 2) If OAuth is a separate component then how can I integrate it into my
>>>> problem?
>>>>
>>>> Your thoughts are welcome on how I need to approach this.
>>>>
>>>> Thanks!
>>>> Sriragu
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Dev mailing list
>>>> [email protected]
>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>
>>>>
>>>
>>>
>>> --
>>> Senaka Fernando
>>> Member - Integration Technologies Management Committee;
>>> Technical Lead; WSO2 Inc.; http://wso2.com
>>> Member; Apache Software Foundation; http://apache.org
>>>
>>> E-mail: senaka AT wso2.com
>>> P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818
>>> Linked-In: http://linkedin.com/in/senakafernando
>>>
>>> Lean . Enterprise . Middleware
>>>
>>
>>
>>
>>
>
>
> --
> Thanks & Regards,
> Prabath
>
> Mobile : +94 71 809 6732
>
> http://blog.facilelogin.com
> http://RampartFAQ.com
>
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
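
Added example, not part of the original thread and not WSO2 code: a resource-server-side sketch of the handler step discussed above, extracting the bearer token from the Authorization header using the RFC 6750 syntax. The class and method names are hypothetical, the sample inputs are constructed, and the token still has to be validated after extraction.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Hypothetical helper (not WSO2 code): pulls the bearer token out of Authorization headers. */
public class BearerTokenExtractor {

    // RFC 6750 section 2.1: "Bearer" 1*SP b64token; the scheme name is case-insensitive.
    private static final Pattern BEARER = Pattern.compile(
            "^Bearer +([A-Za-z0-9\\-._~+/]+=*)$", Pattern.CASE_INSENSITIVE);

    /**
     * @param headers every Authorization header value present on the request
     * @return the token, or empty if the request should be rejected with 401
     */
    public static Optional<String> extract(List<String> headers) {
        // Zero headers: no credentials. More than one: ambiguous, so refuse to pick.
        if (headers == null || headers.size() != 1 || headers.get(0) == null) {
            return Optional.empty();
        }
        Matcher m = BEARER.matcher(headers.get(0).trim());
        // Other schemes (Basic ...), empty tokens and embedded whitespace or control
        // characters all fail the match and are treated as unauthenticated.
        return m.matches() ? Optional.of(m.group(1)) : Optional.empty();
    }

    public static void main(String[] args) {
        // Constructed sample inputs; the token value is the one quoted in the message above.
        List<List<String>> samples = Arrays.asList(
                Arrays.asList("Bearer wU62DjlyDBnq87GlBwplfqvmAbAa"),
                Arrays.asList("bearer   wU62DjlyDBnq87GlBwplfqvmAbAa"),
                Arrays.asList("Basic dXNlcjpwYXNz"),
                Arrays.asList("Bearer abc def"),
                Arrays.asList("Bearer a", "Bearer b"),
                Collections.<String>emptyList());
        for (List<String> s : samples) {
            // The extracted token is an opaque string: it still has to be validated
            // (for example by the OAuthTokenValidationService named in the thread)
            // before the caller is treated as authenticated.
            System.out.println(s + " -> " + extract(s).orElse("<reject: 401>"));
        }
    }
}
```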
