Hi Sameera,

This is what I was looking for :) Got it to work now. Thanks.

On Mon, Jun 22, 2015 at 12:23 PM, Sameera Jayaratna <[email protected]> wrote:

> Hi Hasitha,
>
> We also faced the same issue and implemented a custom BasicAuthHandler
> following the same sample you pointed to. We integrated the role based
> authorization to the same.
> It allows you to configure the allowed roles and user store as below.
>
> <handlers>
>     <handler class="custom.rest.authhandler.BasicAuthHandler">
>         <property name="domain" value="${rest.authhandler.domain}" />
>         <property name="roles" value="${rest.authhandler.roles}" />
>     </handler>
> </handlers>
>
> Thank you,
> Sameera
>
> On Mon, Jun 22, 2015 at 8:59 AM, Hasitha Amal De Silva <[email protected]> wrote:
>
>> Hi Malaka,
>>
>> Thanks a lot for the reply. But given the requirement, adding an Identity
>> server to the current stack is overkill (We are planning to migrate into a
>> proper implementation soon).
>> So for now, we decided to use a custom mediator to get this done.
>>
>> Thanks
>>
>> On Sat, Jun 20, 2015 at 1:10 AM, Malaka Silva <[email protected]> wrote:
>>
>>> Hi Hasitha,
>>>
>>> In order to implement fine grained authorization, you can use
>>> entitlement mediator. [1]
>>>
>>> [1] http://wso2.com/library/articles/2010/10/using-xacml-fine-grained-authorization-wso2-platform/
>>>
>>> On Fri, Jun 19, 2015 at 9:57 AM, Hasitha Amal De Silva <[email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> Is there a general practice to secure an API created in WSO2 ESB based
>>>> on user roles?
>>>>
>>>> I was able to set up a basic auth handler using [1]. But I'm stuck on
>>>> how to convey the allowedRole for an API to that handler at the API
>>>> definition.
>>>>
>>>> Currently it is configured as:
>>>>
>>>> <api xmlns="http://ws.apache.org/ns/synapse" name="authtestapi" context="/authtest">
>>>>     <resource methods="GET" uri-template="/test">
>>>>         .......
>>>>     </resource>
>>>>     <handlers>
>>>>         <handler class="org.wso2.api.basicAuth.BasicAuthHandler"/>
>>>>     </handlers>
>>>> </api>
>>>>
>>>> It will be great if I can simply pass a parameter in the above
>>>> configuration specifying the allowed role. Can we customize handlers in
>>>> such a manner?
>>>>
>>>> [1] : https://github.com/ragavant/wso2-api-security-handlers/tree/master/BasicAuth-handler/src/main/java/org/wso2/api/basicAuth
>>>>
>>>> --
>>>> Cheers,
>>>>
>>>> Hasitha Amal De Silva
>>>> Software Engineer
>>>> Mobile : 0772037426
>>>> Blog : http://devnutshell.tumblr.com/
>>>> WSO2 Inc.: http://wso2.com ( lean.enterprise.middleware. )
>>>>
>>>> _______________________________________________
>>>> Dev mailing list
>>>> [email protected]
>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>> --
>>> Best Regards,
>>>
>>> Malaka Silva
>>> Senior Tech Lead
>>> M: +94 777 219 791
>>> Tel : 94 11 214 5345
>>> Fax : 94 11 2145300
>>> Skype : malaka.sampath.silva
>>> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77
>>> Blog : http://mrmalakasilva.blogspot.com/
>>>
>>> WSO2, Inc.
>>> lean . enterprise . middleware
>>> http://www.wso2.com/
>>> http://www.wso2.com/about/team/malaka-silva/
>>>
>>> Save a tree - Conserve nature & Save the world for your future. Print
>>> this email only if it is absolutely necessary.
>>
>> --
>> Cheers,
>>
>> Hasitha Amal De Silva
>
> --
> Thanks & Regards,
> Sameera Jayaratna
> Software Engineer; WSO2 Inc.
> lean . enterprise . middleware | http://wso2.com

--
Cheers,

Hasitha Amal De Silva

_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
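
The role check that a handler configured with the `domain` and `roles` properties above has to make, as an added example that is not the code of Sameera's handler or of the linked sample. The `setRoles`/`setDomain` setters, the `UserStore` interface, the `DOMAIN/user` naming and the sample users are assumptions, and the Synapse handler plumbing is left out.

```java
import java.nio.charset.StandardCharsets;
import java.util.*;
public class RoleCheckSketch {
    /** Hypothetical stand-in for the user store the handler would query. */
    interface UserStore {
        boolean authenticate(String user, String password);
        Set<String> rolesOf(String user);
    }
    enum Decision { ALLOW, UNAUTHENTICATED, FORBIDDEN }   // allow / 401 / 403
    private final Set<String> allowedRoles = new HashSet<>();
    private String domain = "PRIMARY";                    // assumed default
    // Assumed bean setters, one per <property name="..."> in the handler config.
    public void setRoles(String csv) {
        for (String r : csv.split(",")) if (!r.trim().isEmpty()) allowedRoles.add(r.trim());
    }
    public void setDomain(String domain) { this.domain = domain; }
    Decision check(String header, UserStore store) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) return Decision.UNAUTHENTICATED;
        String decoded;
        try {
            decoded = new String(Base64.getDecoder().decode(header.substring(6).trim()), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {            // not valid Base64
            return Decision.UNAUTHENTICATED;
        }
        int colon = decoded.indexOf(':');                 // password may contain ':', split on the first
        if (colon <= 0) return Decision.UNAUTHENTICATED;
        String user = domain + "/" + decoded.substring(0, colon);
        if (!store.authenticate(user, decoded.substring(colon + 1))) return Decision.UNAUTHENTICATED;
        // Authenticated but holding no configured role is 403; an empty role list fails closed.
        return Collections.disjoint(store.rolesOf(user), allowedRoles) ? Decision.FORBIDDEN : Decision.ALLOW;
    }
    static String basic(String user, String pw) {
        return "Basic " + Base64.getEncoder().encodeToString((user + ":" + pw).getBytes(StandardCharsets.UTF_8));
    }
    public static void main(String[] args) {
        // Constructed sample users, not from the thread.
        Map<String, String> pw = Map.of("PRIMARY/alice", "a:1", "PRIMARY/bob", "b2");
        Map<String, Set<String>> roles = Map.of("PRIMARY/alice", Set.of("apiuser"), "PRIMARY/bob", Set.of("guest"));
        UserStore store = new UserStore() {
            public boolean authenticate(String u, String p) { return p.equals(pw.get(u)); }
            public Set<String> rolesOf(String u) { return roles.getOrDefault(u, Set.of()); }
        };
        RoleCheckSketch h = new RoleCheckSketch();
        h.setRoles("admin, apiuser");
        System.out.println(h.check(basic("alice", "a:1"), store));
        System.out.println(h.check(basic("bob", "b2"), store));
        System.out.println(h.check(basic("bob", "wrong"), store));
    }
}
```

Keeping the 401 and 403 outcomes separate lets a client tell bad credentials from a missing role, and lets the two cases be logged and alerted on separately.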
