Hi Hasitha,

In order to implement fine-grained authorization, you can use the entitlement
mediator. [1]

[1]
http://wso2.com/library/articles/2010/10/using-xacml-fine-grained-authorization-wso2-platform/

On Fri, Jun 19, 2015 at 9:57 AM, Hasitha Amal De Silva <[email protected]>
wrote:

> Hi,
>
> Is there a general practice to secure an API created in WSO2 ESB based on
> user roles?
>
> I was able to set up a basic auth handler using [1]. But I'm stuck on how
> to convey the allowedRole for an API to that handler at the API definition.
>
> Currently it is configured as :
>
> <api xmlns="http://ws.apache.org/ns/synapse" name="authtestapi"
>      context="/authtest">
>    <resource methods="GET" uri-template="/test">
>         .......
>    </resource>
>    <handlers>
>        <handler class="org.wso2.api.basicAuth.BasicAuthHandler"/>
>    </handlers>
> </api>
>
> It will be great if I can simply pass a parameter in the above
> configuration specifying the allowed role. Can we customize handlers in
> such a manner?
>
> [1] :
> https://github.com/ragavant/wso2-api-security-handlers/tree/master/BasicAuth-handler/src/main/java/org/wso2/api/basicAuth
>
> --
> Cheers,
>
> Hasitha Amal De Silva
>  Software Engineer
> Mobile : 0772037426
> Blog    : http://devnutshell.tumblr.com/
> WSO2 Inc.: http://wso2.com ( lean.enterprise.middleware. )
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

Best Regards,

Malaka Silva
Senior Tech Lead
M: +94 777 219 791
Tel : 94 11 214 5345
Fax :94 11 2145300
Skype : malaka.sampath.silva
LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77
Blog : http://mrmalakasilva.blogspot.com/

WSO2, Inc.
lean . enterprise . middleware
http://www.wso2.com/
http://www.wso2.com/about/team/malaka-silva/

Save a tree -Conserve nature & Save the world for your future. Print this
email only if it is absolutely necessary.