Hi Thomas, Can you try the instructions given in [1] and see whether the issue gets resolved.
[1] - http://mail.wso2.org/mailarchive/dev/2017-November/074091.html Regards, Omindu On Thu, Dec 21, 2017 at 7:27 PM, Thomas LEGRAND < [email protected]> wrote: > Hello, > > I have a use case where I want to prevent the access to an API Manager > endpoint if the identified user does not have the role "secretAgent". To do > so, I would like to use the XACML like described in the document in [1]. > > But, I have an error message which appears when I "Finish" the following > XACML configuration from the Identity Server interface. Here is the > configuration I made (if the user is a member of secretAgent, allow. Else, > deny): > > [image: Images intégrées 1] > > Here is the configuration of the rule "AdminGrant" from the previous > screenshot: > > [image: Images intégrées 2] > > And here is the error message which appears: > > [image: Images intégrées 3] > > > Because I don't have any clue on what is wrongly generated, I don't know > which one of the field is missing. So, is there a way to know the XML the > identity server is generating or should I generate directly the XML file? > > I am using the wso2is-km-5.3.0. > > Regards, > > Thomas > > [1] https://docs.wso2.com/display/AM210/Enabling+Role-Based+ > Access+Control+Using+XACML > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Omindu Rathnaweera Senior Software Engineer, WSO2 Inc. Mobile: +94 771 197 211
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
