Hi Godwin, Yes that is what I need to do. For the Post binding I got the inputs from the servlet and set the Basic auth token in session and use it when invoking the backend.
My problem is during the redirect binding. Since the login can be any thridparty IDP and I need to provide login credentials in IDP login screen, I need to find out how to capture credentials in order to generate Basic auth token. Thanks, On Tue, Nov 7, 2017 at 12:00 PM, Godwin Shrimal <[email protected]> wrote: > Hi Ushani, > > As I understand you want to invoke services in the Identity server after > SSO login. Please explain if not. If yes you can use same what we do in the > identity server dashboard. We take the cookie from the header and use that > cookie to invoke backend services. > > > Thanks > Godwin > > On Tue, Nov 7, 2017 at 11:20 AM, Ushani Balasooriya <[email protected]> > wrote: > >> Hi Malithi, >> >> Thanks for the response. But my concern is IDP can be any one like >> Wso2IS, Salesforce, facebook etc. So for me to invoke I assume I should >> know the client ID and secret of the relevant IDP right? Please correct me >> if I am wrong. I just need to invoke the admin services using Basic Auth. >> >> Appreciate your response. >> >> Thanks, >> >> On Tue, Nov 7, 2017 at 11:12 AM, Malithi Edirisinghe <[email protected]> >> wrote: >> >>> I think you can use SAML bearer grant here and use the access token to >>> access APIs >>> >>> Thanks, >>> Malithi >>> >>> On Tue, Nov 7, 2017 at 10:11 AM, Ushani Balasooriya <[email protected]> >>> wrote: >>> >>>> Hi, >>>> >>>> Appreciate your response. >>>> >>>> Thanks, >>>> >>>> On Mon, Nov 6, 2017 at 2:04 PM, Ushani Balasooriya <[email protected]> >>>> wrote: >>>> >>>>> Hi IAM team, >>>>> >>>>> As a part of my third party web application implementation to add >>>>> users and roles I would like to try if the logged in admin user can >>>>> perform >>>>> the relevant activity within the app. >>>>> >>>>> In order to test Login in to the web app I will be using SAML Post >>>>> binding and as well as the Redirect binding. >>>>> >>>>> When I use the Post binding, I can capture the user name and password >>>>> and generate Basic authentication token retrieving it from the servlet >>>>> request. >>>>> >>>>> My question is, >>>>> >>>>> 1. If I use redirect binding, since the IDP can be any application >>>>> like wso2 IS or Facebook or salesforce etc *(a)* is it a valid use >>>>> case to use the logged in user admin's credentials to generate auth token? >>>>> >>>>> *(b)* Or should I hard code one particular admin user's credentials >>>>> or auth token which is configured as admin for the thirdparty web app to >>>>> perform the relevant activities? >>>>> >>>>> 2. If *(a) *is valid, how can I retrieve it from the session. I can >>>>> retrieve the username from the SAML2SSO session, but my question is how to >>>>> retrieve the password to generate auth token? >>>>> >>>>> Appreciate your response. >>>>> >>>>> Thanks, >>>>> -- >>>>> *Ushani Balasooriya* >>>>> Associate Technical Lead - EE; >>>>> WSO2 Inc; http://www.wso2.com/. >>>>> Mobile; +94772636796 >>>>> >>>>> >>>> >>>> >>>> -- >>>> *Ushani Balasooriya* >>>> Associate Technical Lead - EE; >>>> WSO2 Inc; http://www.wso2.com/. >>>> Mobile; +94772636796 >>>> >>>> >>> >>> >>> -- >>> >>> *Malithi Edirisinghe* >>> Associate Technical Lead >>> WSO2 Inc. >>> >>> Mobile : +94 (0) 718176807 >>> [email protected] >>> >> >> >> >> -- >> *Ushani Balasooriya* >> Associate Technical Lead - EE; >> WSO2 Inc; http://www.wso2.com/. >> Mobile; +94772636796 >> >> > > > -- > *Godwin Amila Shrimal* > Associate Technical Lead > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: *+94772264165* > linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ > <https://www.linkedin.com/in/godwin-amila-2ba26844/>* > twitter: https://twitter.com/godwinamila > <http://wso2.com/signature> > -- *Ushani Balasooriya* Associate Technical Lead - EE; WSO2 Inc; http://www.wso2.com/. Mobile; +94772636796
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
