Hi Tharindu, Thanks for the info. It worked.
Regards, On Fri, May 13, 2016 at 12:56 PM, Tharindu Edirisinghe <[email protected]> wrote: > Hi Milan, > > You can use MultitenantUtils.getTenantAwareUsername [1] method here. > > boolean status = authorizationManager.isUserAuthorized( > *MultitenantUtils.getTenantAwareUsername(username)* , permission, > UI_EXECUTE); > > Then you can obtain the username without the tenant domain out of the > username you already have that contains the tenant domain. > > [1] > https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.utils/src/main/java/org/wso2/carbon/utils/multitenancy/MultitenantUtils.java#L40 > > Regards, > TharinduE > > On Fri, May 13, 2016 at 12:49 PM, Milan Perera <[email protected]> wrote: > >> Hi Tharindu, >> >> No, im not using the *RemoteAuthorizationManagerService *admin service. >> Below is the code snippet which I use. >> >> >> RealmService realmService = >> OAuthExtensionsDataHolder.getInstance().getRealmService(); >> >> AuthorizationManager authorizationManager = >> realmService.getTenantUserRealm(tenantId).getAuthorizationManager(); >> >> String username = accessTokenDO.getAuthzUser.getUserName(); *// this returns >> the name with tenant domain, ex: [email protected]* >> >> boolean status = authorizationManager.isUserAuthorized(username , >> permission, UI_EXECUTE); >> >> >> Is there anything else that I should do here or is there a way to overcome >> my initial issue? >> >> Thanks, >> >> >> On Fri, May 13, 2016 at 12:25 PM, Tharindu Edirisinghe < >> [email protected]> wrote: >> >>> Hi Milan, >>> >>> Are you calling the *isUserAuthorized *method in >>> *RemoteAuthorizationManagerService >>> *[1] admin service ? If so you need to send the username without the >>> tenant domain. The tenant domain of the user is derived by the admin's >>> tenant domain who calls the admin service. >>> >>> [1] >>> https://localhost:9443/services/RemoteAuthorizationManagerService?wsdl >>> >>> Regards, >>> TharinduE >>> >>> On Fri, May 13, 2016 at 11:17 AM, Milan Perera <[email protected]> wrote: >>> >>>> Hi all, >>>> >>>> Im using "*isUserAuthorized*" method to check whether a particular >>>> user has relevant permission. >>>> However when I pass the username as "*[email protected]*" as a >>>> parameter, I always get '*false*' and if I pass just "*admin*" it >>>> returns '*true*'. >>>> >>>> Is this the expected behavior or is there any other way to do that? >>>> >>>> Thanks, >>>> -- >>>> *Milan Perera *| Software Engineer >>>> WSO2, Inc | lean. enterprise. middleware. >>>> #20, Palm Grove, Colombo 03, Sri Lanka >>>> Mobile: +94 77 309 7088 | Work: +94 11 214 5345 >>>> Email: [email protected] <[email protected]> | Web: www.wso2.com >>>> <http://lk.linkedin.com/in/milanharinduperera> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> >>> Tharindu Edirisinghe >>> Software Engineer | WSO2 Inc >>> Platform Security Team >>> Blog : tharindue.blogspot.com >>> mobile : +94 775181586 >>> >> >> >> >> -- >> *Milan Perera *| Software Engineer >> WSO2, Inc | lean. enterprise. middleware. >> #20, Palm Grove, Colombo 03, Sri Lanka >> Mobile: +94 77 309 7088 | Work: +94 11 214 5345 >> Email: [email protected] <[email protected]> | Web: www.wso2.com >> <http://lk.linkedin.com/in/milanharinduperera> >> > > > > -- > > Tharindu Edirisinghe > Software Engineer | WSO2 Inc > Platform Security Team > Blog : tharindue.blogspot.com > mobile : +94 775181586 > -- *Milan Perera *| Software Engineer WSO2, Inc | lean. enterprise. middleware. #20, Palm Grove, Colombo 03, Sri Lanka Mobile: +94 77 309 7088 | Work: +94 11 214 5345 Email: [email protected] <[email protected]> | Web: www.wso2.com <http://lk.linkedin.com/in/milanharinduperera>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
