Hi Malaka,

Thanks a lot for the reply. But given the requirement, adding an Identity
server to the current stack is overkill (we are planning to migrate to a
proper implementation soon). So for now, we decided to use a custom
mediator to get this done.

Thanks

On Sat, Jun 20, 2015 at 1:10 AM, Malaka Silva <[email protected]> wrote:

> Hi Hasitha,
>
> In order to implement fine-grained authorization, you can use the
> entitlement mediator. [1]
>
> [1]
> http://wso2.com/library/articles/2010/10/using-xacml-fine-grained-authorization-wso2-platform/
>
> On Fri, Jun 19, 2015 at 9:57 AM, Hasitha Amal De Silva <[email protected]>
> wrote:
>
>> Hi,
>>
>> Is there a general practice to secure an API created in WSO2 ESB based on
>> user roles?
>>
>> I was able to set up a basic auth handler using [1]. But I'm stuck on how
>> to convey the allowedRole for an API to that handler at the API definition.
>>
>> Currently it is configured as :
>>
>> <api xmlns="http://ws.apache.org/ns/synapse" name="authtestapi"
>>      context="/authtest">
>>    <resource methods="GET" uri-template="/test">
>>         .......
>>    </resource>
>>    <handlers>
>>        <handler class="org.wso2.api.basicAuth.BasicAuthHandler"/>
>>    </handlers>
>> </api>
>>
>> It will be great if I can simply pass a parameter in the above
>> configuration specifying the allowed role. Can we customize handlers in
>> such a manner?
>>
>> [1] :
>> https://github.com/ragavant/wso2-api-security-handlers/tree/master/BasicAuth-handler/src/main/java/org/wso2/api/basicAuth
>>
>> --
>> Cheers,
>>
>> Hasitha Amal De Silva
>>  Software Engineer
>> Mobile : 0772037426
>> Blog    : http://devnutshell.tumblr.com/
>> WSO2 Inc.: http://wso2.com ( lean.enterprise.middleware. )
>>
>> _______________________________________________
>> Dev mailing list
>> [email protected]
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
>
> Best Regards,
>
> Malaka Silva
> Senior Tech Lead
> M: +94 777 219 791
> Tel : 94 11 214 5345
> Fax :94 11 2145300
> Skype : malaka.sampath.silva
> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77
> Blog : http://mrmalakasilva.blogspot.com/
>
> WSO2, Inc.
> lean . enterprise . middleware
> http://www.wso2.com/
> http://www.wso2.com/about/team/malaka-silva/
> <http://wso2.com/about/team/malaka-silva/>
>
> Save a tree -Conserve nature & Save the world for your future. Print this
> email only if it is absolutely necessary.
>



-- 
Cheers,

Hasitha Amal De Silva
 Software Engineer
Mobile : 0772037426
Blog    : http://devnutshell.tumblr.com/
WSO2 Inc.: http://wso2.com ( lean.enterprise.middleware. )
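
The role check discussed in this thread, sketched in plain Java as an added example (it is not code from the thread, from the linked BasicAuthHandler, or from WSO2). `RoleGate`, `decide` and the two in-memory tables are hypothetical and constructed for illustration; wiring the check into a Synapse handler or mediator is not shown.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Map;
import java.util.Set;

public class RoleGate {
    // Constructed sample data (assumption). A real deployment would query its
    // user store and compare salted password hashes, not plaintext.
    static final Map<String, String> PASSWORDS = Map.of("alice", "alice-pass", "bob", "bob-pass");
    static final Map<String, Set<String>> ROLES =
            Map.of("alice", Set.of("admin"), "bob", Set.of("viewer"));

    /** Returns the HTTP status to send: 200 allow, 401 bad or missing credentials, 403 wrong role. */
    static int decide(String authorizationHeader, String allowedRole) {
        if (authorizationHeader == null
                || !authorizationHeader.regionMatches(true, 0, "Basic ", 0, 6)) {
            return 401;
        }
        String decoded;
        try {
            byte[] raw = Base64.getDecoder().decode(authorizationHeader.substring(6).trim());
            decoded = new String(raw, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            return 401; // payload is not valid Base64
        }
        int sep = decoded.indexOf(':'); // split on the first ':'; the password may contain more
        if (sep < 0) return 401;
        String user = decoded.substring(0, sep);
        String expected = PASSWORDS.get(user);
        byte[] supplied = decoded.substring(sep + 1).getBytes(StandardCharsets.UTF_8);
        byte[] stored = (expected == null ? "" : expected).getBytes(StandardCharsets.UTF_8);
        // Constant-time comparison; an unknown user is rejected even if the bytes match.
        if (!MessageDigest.isEqual(supplied, stored) || expected == null) return 401;
        // Fail closed: an API with no allowedRole configured denies everyone.
        if (allowedRole == null) return 403;
        return ROLES.getOrDefault(user, Set.of()).contains(allowedRole) ? 200 : 403;
    }

    static String basic(String user, String password) {
        byte[] pair = (user + ":" + password).getBytes(StandardCharsets.UTF_8);
        return "Basic " + Base64.getEncoder().encodeToString(pair);
    }

    public static void main(String[] args) {
        System.out.println("admin on admin-only API:  " + decide(basic("alice", "alice-pass"), "admin"));
        System.out.println("viewer on admin-only API: " + decide(basic("bob", "bob-pass"), "admin"));
        System.out.println("wrong password:           " + decide(basic("bob", "nope"), "admin"));
        System.out.println("no header:                " + decide(null, "admin"));
    }
}
```

Returning 401 for failed authentication and 403 for an authenticated caller without the required role keeps the two failure modes distinguishable in access logs.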