Hi Isura, You could have the non-secured operations in a different service class and make *adminService* parameter *false*. This will make it a non secured service and will not do authentication nor authorization on any of its operations.
I am not sure if you can use the same parameter to override at operation level. I have never tried it. But if it could work you should have the *locked* attribute set to *false* at the service level and override it at the operation level. On Fri, Aug 8, 2014 at 10:47 PM, Isura Karunaratne <[email protected]> wrote: > > > > On Fri, Aug 8, 2014 at 10:24 PM, Harsha Kumara <[email protected]> wrote: > >> I assumed you have removed the *<parameter name="AuthorizationAction" >> locked="true">/permission/admin/configure</parameter> *from service >> level and only applied for specific methods which you want secure. You can >> add <parameter name="DoAuthentication" locked="true">false</parameter> >> as a parameter to a method which you don't want to secure.But I didn't try >> it out. >> > > Yes. I tried like you explained, but it was not successful > >> >> >> On Fri, Aug 8, 2014 at 9:46 PM, Isura Karunaratne <[email protected]> wrote: >> >>> >>> >>> On Fri, Aug 8, 2014 at 9:33 PM, Harsha Kumara <[email protected]> wrote: >>> >>>> Hi Isura, >>>> As Danushka mentioned, you should be able to do as follows for secure a >>>> method. L >>>> >>>> *<operation name="yourMethod">* >>>> >>>> * <parameter name="AuthorizationAction" >>>> locked="true">/permission/admin/configure</parameter> </operation>* >>>> >>> >>> I tried this way and It was able to set different authorization for each >>> method. But I was unable to remove authentication using above operation. >>> >>>> >>>> >>>> Thanks, >>>> Harsha >>>> >>>> >>>> >>>> On Fri, Aug 8, 2014 at 7:43 PM, Danushka Fernando <[email protected]> >>>> wrote: >>>> >>>>> Hi Isura >>>>> >>>>> In the given configuration there is a property as follows >>>>> <parameter name="AuthorizationAction" >>>>> locked="true">/permission/admin/login</parameter> >>>>> >>>>> Use this parameter for the methods that you want to secure. In this >>>>> way it should work AFAIK. >>>>> >>>>> Thanks & Regards >>>>> Danushka Fernando >>>>> Software Engineer >>>>> WSO2 inc. http://wso2.com/ >>>>> Mobile : +94716332729 >>>>> >>>>> >>>>> On Fri, Aug 8, 2014 at 3:44 PM, Harsha Kumara <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Isura, >>>>>> AFAIK, you can't specify permission for method. But if you need you >>>>>> can move those method to separate class and grant or revoke the >>>>>> permissions. >>>>>> Thanks, >>>>>> Harsha >>>>>> >>>>>> >>>>>> On Fri, Aug 8, 2014 at 3:37 PM, Isura Karunaratne <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi All, >>>>>>> >>>>>>> Following is a sample axis2 service.xml configuration, >>>>>>> >>>>>>> >>>>>>> <serviceGroup> >>>>>>> >>>>>>> <service name="MyService" scope="transportsession"> >>>>>>> <transports> >>>>>>> <transport>https</transport> >>>>>>> </transports> >>>>>>> <parameter name="ServiceClass" locked="false"> >>>>>>> pathToMyService >>>>>>> </parameter> >>>>>>> <parameter name="adminService" locked="true">true</parameter> >>>>>>> <parameter name="hiddenService" locked="false">false</parameter> >>>>>>> <parameter name="AuthorizationAction" >>>>>>> locked="true">/permission/admin/login >>>>>>> </parameter> >>>>>>> </service> >>>>>>> >>>>>>> </serviceGroup> >>>>>>> >>>>>>> >>>>>>> >>>>>>> When I try to send soap request via Soap UI it requires >>>>>>> authentication for all service methods. Following parameter can be used >>>>>>> to >>>>>>> remove the authentication of all service methods. >>>>>>> >>>>>>> <parameter name="DoAuthentication" locked="true">false</parameter> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Is there anyway that can be used to remove the authentication of >>>>>>> only a particular method in service class? >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Isura Dilhara Karunaratne >>>>>>> Software Engineer >>>>>>> >>>>>>> Mob +94 772 254 810 >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Dev mailing list >>>>>>> [email protected] >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Harsha Kumara >>>>>> Software Engineer, WSO2 Inc. >>>>>> Mobile: +94775505618 >>>>>> Blog:harshcreationz.blogspot.com >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> Harsha Kumara >>>> Software Engineer, WSO2 Inc. >>>> Mobile: +94775505618 >>>> Blog:harshcreationz.blogspot.com >>>> >>> >>> >>> >>> -- >>> Isura Dilhara Karunaratne >>> Software Engineer >>> >>> Mob +94 772 254 810 >>> >>> >> >> >> -- >> Harsha Kumara >> Software Engineer, WSO2 Inc. >> Mobile: +94775505618 >> Blog:harshcreationz.blogspot.com >> > > > > -- > Isura Dilhara Karunaratne > Software Engineer > > Mob +94 772 254 810 > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Thanks & Regards, *Johann Dilantha Nallathamby* Associate Technical Lead & Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
