Hi Udara,

One option is to use the Mutual SSL Authenticator. Here, from the webapp, you can call an admin service only by sending the username of a privileged user (i.e. super admin). You can find some information in the blog post [2]. Sample client code for calling a service is in [3].

[1] https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/components/authenticators/mutual-ssl-authenticator/
[2] http://darray.wordpress.com/2013/12/17/mutuall-ssl-with-wso2-identity-server/
[3] https://github.com/wso2-dev/carbon-platform-integration/blob/master/test-automation-framework/org.wso2.carbon.automation.test.utils/src/main/java/org/wso2/carbon/automation/test/utils/generic/MutualSSLClient.java

On Tue, Dec 2, 2014 at 3:26 PM, Udara Liyanage <[email protected]> wrote:

> Hi,
>
> Stratos (a carbon server) has a web app deployed which consists of some
> APIs. Users can call APIs passing username/password each time or use
> session id (created at first call) for subsequent API calls.
> In one of the APIs, it needs to call OAuthAdmin admin service in order to
> create an oAuth application. However the problem I face is, Stratos API may
> not have password of the API invoker if he uses the session id (this is the
> session id created at Stratos web app) when invoking the API.
>
> One solution is to use the super admin user in user-mgt.xml when invoking
> the admin service. So whatever the user invokes the API, admin service is
> invoked via the super admin service.
>
> Another way is to create a session in Carbon at user's first API call.
> Then keep the carbon session id in web app session. However if the Carbon
> session id gets expired and web app session is still active, user will have
> to log in again.
>
> I assume there are better solutions for this kind of problems.
>
> --
>
> Udara Liyanage
> Software Engineer
> WSO2, Inc.: http://wso2.com
> lean. enterprise. middleware
>
> web: http://udaraliyanage.wordpress.com
> phone: +94 71 443 6897
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>

--
Tharindu Edirisinghe
Software Engineer | WSO2 Inc
Identity Server Team
mobile : +94 775 181586
