Yumani Ranaweera wrote:
> Hi,
>
> Please could you clarify the following for me. Excuse me if the docs have
> already explained these :( I couldn't go through the new docs yet ...
>
> 1. For a sample service, after you set security configurations to "allow
> only admin user\admin role" (with first security option), what should
> happen when you access the service from a normal user login?

If access is granted to the admin role then accessing a mashup using a user's username/password should throw an error saying "Fault: The security token could not be authenticated or authorized"

>
> 2. Who gets to set security configurations for 'sample services' --> Is
> it only the admin user?

We have an issue with setting up security for sample services. If they are done for system services then the admin's keystore is used. But we don't do that for sample services, because the samples account can be deleted. So if somebody creates an account called samples again we'll have an issue. So we refrain from setting a keystore for samples. So basically samples cannot be secured, only system mashups.

>
> 3. I observed the following;
>
> Admin user login --> accessed a Sample Mashup --> Security Conf page
> didn't have an option to upload KS information.
> Admin user login --> accessed a mashup which was copied directly to
> samples folder --> Security Conf page didn't have an option to upload KS
> information.
> Admin user login --> accessed a mashup which was created from UI -->
> Security Conf page didn't have an option to upload KS information.
> Normal user login --> accessed a mashup which was created from UI (by
> the user) --> Security Conf page *had* an option to upload KS information.
>

The above is because you had set up your private key for the admin account. It's a one-time thing per account.

> Also I remember when I first signed-in and created a mashup from UI,
> there was an option to upload KS information before setting security
> configuration of that mashup.
> Does this mean KS setting is a one-time option per user?

Yes it is. The keystore is given to a user and not to a mashup. So once you set up your private key you're done.

Thanks,
Keith.
>
> Thanks,
> Yumani
>
> _______________________________________________
> Mashup-dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/mashup-dev
