Hi Jens, Please see my comments below.
On Thu, 2008-02-07 at 10:40 +0100, Jens Goldhammer wrote: > Hello Ruwan, > > how can I integrate that url into my pom-file? Or is this configured > maven-wide? > yes, you are right- I want to build a role based authentification with > caching-mechanism! > > My ideas are: > - change the usermanager to provide permissions for a role/user on > service and/or operation level. Maybe I can use the ressource and action > column of the permissions table. You don't have to change usermanager. Yes you can resource/action columns of permission table as it is. Resource can be ServceName-Operation. Or the resource can be the service and the operation name can be the action. Thank you, Dimuthu > - determine in the mediation which service is used by looking at the > provided published wsdl or by looking at the soap-message. What do you > think is better? > I think I have to look which service the user wants to call, or is this > a wrong approach? > - extract the user-crediantials of the ws-security-header and proof if > he is authorized. (by looking first at the user-permissions- if they are > not provided at the role-permissions) > - if no security header is used, I can inspect the http-header with > basic authentification. Do I have access to it from the messageContext? > - maybe the used mechanism can be configured by a property... > - if no user-information is provided, the role based authentification > cannot be used- fault back to the client... > - give back a fault if the permission for the user has not been found > > Any other ideas from your side? > > Jens > > > Ruwan Linton schrieb: > > Hi Jens, > > > > I think it is OK to host the jar files, but wonder why you didn't get > > these online, because the usermanager jar files are available under > > the wso2 maven2 repository :-( > > > > http://dist.wso2.org/maven2/org/wso2/commons/usermanager/usermanager-core/ > > > > > > BTW: what you are trying to do is absolutely fine from my point of > > view, I think what you are trying to do is enabling the Role based > > authentication, isn't it? > > > > Thanks, > > Ruwan > > > > Jens Goldhammer wrote: > >> Hello, > >> > >> I have tried the mediator examples with StockQuote > >> (http://wso2.org/library/2936), builded it with maven and run it... > >> Very well so far! > >> Now I want to integrate the wso2 common usermanager libs into my own > >> mediation component because I want to use it for my proxy services... > >> > >> How can I do that with maven? I cannot make a dependcy to it because > >> the libs are not online. Can I put it into the maven repository on my > >> environment? > >> Sorry, I am totally new to Maven! > >> > >> I want to write a mediator which authentificates a user (maybe I will > >> do this by ws-security) and want to proof if the user is allowed to > >> do that action. > >> Do you think it make sense? > >> > >> Thanks, > >> Jens > >> > >> > >> > >> > >> _______________________________________________ > >> Esb-java-user mailing list > >> [email protected] > >> http://wso2.org/cgi-bin/mailman/listinfo/esb-java-user > >> > > > > _______________________________________________ > Esb-java-user mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/esb-java-user _______________________________________________ Esb-java-user mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/esb-java-user
