Hi Godwin,

Thanks for the reference. I will check where I can retrieve and set the cookie value and call the admin service.

Regards,
Ushani

On Tue, Nov 7, 2017 at 1:51 PM, Godwin Shrimal <[email protected]> wrote:

> Hi Ushani,
>
> Please see my answers inline.
>
>>
>> Does it mean that use cookie to capture the Basic Auth token need for the
>> admin service if my understanding is correct?
>>
> You don't need to capture the Basic Auth token; you can pass the cookie via
> HTTP headers to the backend, then the backend validates whether there is an
> existing session with the session id of the cookie and allows invoking services.
>
>> Can you please let me know what value should I retrieve from the cookie
>> and appreciate if you can guide me to an example in some documentation,
>> blog or etc.
>>
>
> You don't need to extract any value from the cookie and you can pass the same
> cookie as HTTP headers to the backend. You can refer to [1] for how to call
> backend APIs; please check the usages of that and see how to pass the required values.
>
> [1] https://github.com/wso2/product-is/blob/5.x.x/modules/jaggery-apps/user-dashboard/dashboard/controllers/wsUtil.jag
>
>>
>> Thanks,
>>
>> On Tue, Nov 7, 2017 at 12:34 PM, Godwin Shrimal <[email protected]> wrote:
>>
>>> Hi Ushani,
>>>
>>> According to what I explained above, you don't need to capture the
>>> username and generate the basic auth token. You can get the cookie after
>>> successful authentication and use that cookie to invoke backend services.
>>>
>>> Thanks
>>> Godwin
>>>
>>> On Tue, Nov 7, 2017 at 12:18 PM, Ushani Balasooriya <[email protected]>
>>> wrote:
>>>
>>>> Hi Godwin,
>>>>
>>>> Yes that is what I need to do.
>>>> For the Post binding I got the inputs from the servlet and set the
>>>> Basic auth token in session and use it when invoking the backend.
>>>>
>>>> My problem is during the redirect binding.
>>>>
>>>> Since the login can be any third-party IDP and I need to provide login
>>>> credentials in IDP login screen, I need to find out how to capture
>>>> credentials in order to generate Basic auth token.
>>>>
>>>> Thanks,
>>>>
>>>> On Tue, Nov 7, 2017 at 12:00 PM, Godwin Shrimal <[email protected]>
>>>> wrote:
>>>>
>>>>> Hi Ushani,
>>>>>
>>>>> As I understand you want to invoke services in the Identity server
>>>>> after SSO login. Please explain if not. If yes you can use same what we do
>>>>> in the identity server dashboard. We take the cookie from the header and
>>>>> use that cookie to invoke backend services.
>>>>>
>>>>> Thanks
>>>>> Godwin
>>>>>
>>>>> On Tue, Nov 7, 2017 at 11:20 AM, Ushani Balasooriya <[email protected]>
>>>>> wrote:
>>>>>
>>>>>> Hi Malithi,
>>>>>>
>>>>>> Thanks for the response. But my concern is IDP can be any one like
>>>>>> Wso2IS, Salesforce, facebook etc. So for me to invoke I assume I should
>>>>>> know the client ID and secret of the relevant IDP right? Please correct me
>>>>>> if I am wrong. I just need to invoke the admin services using Basic Auth.
>>>>>>
>>>>>> Appreciate your response.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> On Tue, Nov 7, 2017 at 11:12 AM, Malithi Edirisinghe <[email protected]> wrote:
>>>>>>
>>>>>>> I think you can use SAML bearer grant here and use the access token
>>>>>>> to access APIs
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Malithi
>>>>>>>
>>>>>>> On Tue, Nov 7, 2017 at 10:11 AM, Ushani Balasooriya <[email protected]> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Appreciate your response.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>> On Mon, Nov 6, 2017 at 2:04 PM, Ushani Balasooriya <[email protected]> wrote:
>>>>>>>>
>>>>>>>>> Hi IAM team,
>>>>>>>>>
>>>>>>>>> As a part of my third party web application implementation to add
>>>>>>>>> users and roles I would like to try if the logged in admin user can perform
>>>>>>>>> the relevant activity within the app.
>>>>>>>>>
>>>>>>>>> In order to test Login in to the web app I will be using SAML Post
>>>>>>>>> binding and as well as the Redirect binding.
>>>>>>>>>
>>>>>>>>> When I use the Post binding, I can capture the user name and
>>>>>>>>> password and generate Basic authentication token retrieving it from the
>>>>>>>>> servlet request.
>>>>>>>>>
>>>>>>>>> My question is,
>>>>>>>>>
>>>>>>>>> 1. If I use redirect binding, since the IDP can be any application
>>>>>>>>> like wso2 IS or Facebook or salesforce etc *(a)* is it a valid
>>>>>>>>> use case to use the logged in user admin's credentials to generate auth
>>>>>>>>> token?
>>>>>>>>>
>>>>>>>>> *(b)* Or should I hard code one particular admin user's
>>>>>>>>> credentials or auth token which is configured as admin for the third-party
>>>>>>>>> web app to perform the relevant activities?
>>>>>>>>>
>>>>>>>>> 2. If *(a)* is valid, how can I retrieve it from the session. I
>>>>>>>>> can retrieve the username from the SAML2SSO session, but my question is how
>>>>>>>>> to retrieve the password to generate auth token?
>>>>>>>>>
>>>>>>>>> Appreciate your response.
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> --
>>>>>>>>> *Ushani Balasooriya*
>>>>>>>>> Associate Technical Lead - EE;
>>>>>>>>> WSO2 Inc; http://www.wso2.com/.
>>>>>>>>> Mobile; +94772636796
>>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> *Malithi Edirisinghe*
>>>>>>> Associate Technical Lead
>>>>>>> WSO2 Inc.
>>>>>>>
>>>>>>> Mobile : +94 (0) 718176807
>>>>>>> [email protected]
>>>>>>>
>>>>>
>>>>> --
>>>>> *Godwin Amila Shrimal*
>>>>> Associate Technical Lead
>>>>> WSO2 Inc.; http://wso2.com
>>>>> lean.enterprise.middleware
>>>>>
>>>>> mobile: *+94772264165*
>>>>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/
>>>>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>*
>>>>> twitter: https://twitter.com/godwinamila
>>>>> <http://wso2.com/signature>
>>>>>

--
*Ushani Balasooriya*
Associate Technical Lead - EE;
WSO2 Inc; http://www.wso2.com/.
Mobile; +94772636796
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
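The approach described in the thread, forwarding the caller's session cookie to the backend instead of capturing credentials for a Basic Auth token, sketched as an added example; it is not code from the thread or from WSO2. The function name, the allowlisted host, the service path, the SOAP action and the header values are all assumptions constructed for illustration.

```javascript
// Added example: hypothetical helper, not WSO2 code. Forwards the caller's
// session cookie to the backend unchanged and never sends credentials.

// Assumption: the only backend allowed to receive the cookie.
const ALLOWED_BACKENDS = new Set(["is.example.internal:9443"]);

function buildBackendCall(incomingHeaders, backendUrl, soapAction) {
  const url = new URL(backendUrl);
  // The cookie is a bearer secret: send it only over TLS ...
  if (url.protocol !== "https:") {
    throw new Error("refusing to send session cookie over " + url.protocol);
  }
  // ... and only to the backend that issued the session.
  if (!ALLOWED_BACKENDS.has(url.host)) {
    throw new Error("backend not allowlisted: " + url.host);
  }
  // Header names are case-insensitive; normalise before lookup.
  const headers = {};
  for (const [name, value] of Object.entries(incomingHeaders)) {
    headers[name.toLowerCase()] = value;
  }
  const cookie = headers["cookie"];
  if (!cookie || /[\r\n]/.test(cookie)) {
    // No session, or a value that would split the outbound header block.
    throw new Error("no usable session cookie on the incoming request");
  }
  return {
    method: "POST",
    url: url.toString(),
    headers: {
      // Same cookie, passed through as-is; the backend looks up the session.
      "Cookie": cookie,
      "Content-Type": "text/xml; charset=UTF-8",
      "SOAPAction": soapAction,
      // Deliberately no Authorization header: no password is captured.
    },
  };
}

// Constructed sample headers from an authenticated browser session.
const sampleIncoming = {
  "Host": "app.example.com",
  "Cookie": "JSESSIONID=CONSTRUCTED0123456789ABCDEF",
  "Authorization": "Basic ZXhhbXBsZTpleGFtcGxl", // must not be forwarded
};
const call = buildBackendCall(sampleIncoming,
  "https://is.example.internal:9443/services/ExampleAdminService", // hypothetical
  "urn:exampleOperation");
console.log(call.headers);
```

Because the forwarded cookie carries the user's whole session, the web application holds no password at any point, and the backend's own session timeout and logout apply to every admin call made this way.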
