I have to create a client application that uses OAuth2 and a REST service. I confirmed that the REST service I can achieve it only by WSO2 ESB? WSO2 IS does not provide any REST service without using other platforms carbon?
There are some rest webservices for oauth2, check https://localhost:9443/oauth2/token
and the associated doc
https://docs.wso2.com/display/IS520/Resource+Owner+Password+Credentials+Grant
Related
currently working on wso2 identity servicer v5.7 . need a help to update service provider using soap request. i read the wso2 docs and saw the services provided by wso2 but did not find the right soap request. I want to update service provider all the details in one request: saml sso configuration as well.
You can use the updateApplication method of IdentityApplicationManagementService to update a Service Provider. To obtain the WSDL, use the following URL.
https://{IShost}:{port}/services/IdentityApplicationManagementService?wsdl
I have a basic question in using WSo2 API manager and WSo2 IS server.
I have a requirement , where I need to Authenticate/Authorize any requests coming to my rest services. When I read documentation on WSo2 website I see that we can achieve this using WSo2 ESB + WSo2 IS server.
But we don't want to use ESB rather than use a Lightweight component like WSo2 API manager + Ws02 IS server to fulfill the
I have gone through this documentation and trying to setup WSO2 as the key manager
https://docs.wso2.com/display/CLUSTER420/Configuring+the+Identity+Server+5.0.0+with+API+Manager+1.9.0
My question is I am going in the right direction ?
Will API manager alone will be sufficient for authentication/authorization
Yes above link will guide you to how to configure the Identity server with API Manager.
API manager will be sufficient for the basic authentication/authorization.but if you want advance options need to configure with the identity Server.(The Identity Server and the solution it provides)
What I'm trying to do is as follows,
Business use-case : A backend service with SOAP binding required to expose as a RESTful service. Consumers require to get the responses from JSON using the same API.
I have gone through below links but didn't find them useful. Configurations are either not given or not working.
http://asanka.abeysinghe.org/2013/05/implementing-api-facade-with-wso2-api.html
WSO2 API Manager convert SOAP to REST
WSO2 API Manager - can it convert REST requests to SOAP requests on the backend?
I know the step what to be done but what I'm wondering is how that should be done in the ESB. Exact configurations.
Backend service with SOAP binding required to expose as a RESTful - WSO2 ESB?
If you need to expose a SOAP Service and REST (POX or JSON), you can do it using ESB. You can create a API in ESB and does the mapping between JSON or POX to SOAP. There are samples available in the ESB documentation. Please check from here. You do not need a API manager, if you just need to expose some REST API. You can do it using ESB as well and you do not need to use API Manager.
I've been dropped into a hot potato project...an external entity produced a SOA architecture and we need to implement it now.
Using Drupal as a CMS and starting point of the architecture.
Here's what I think we need to do:
Authentication server
People register through the drupal site. We'd like to reuse the identity created for other (future) services, through a REST API
a) Can I add users to WSO2 Identity Server via a (REST) API?
b) Can I query WSO2IS to authenticate users via a (REST) API (creating a SSO env)?
c) Can I create re-usable profiles in WSO2IS, accessible through a (REST) API?
d) Can I authenticate drupal access via WSO2IS through a (REST) API?
e) Can I query the XACML policies via a (REST) API so that access to a requested service can be evaluated?
Other REST APIs we're going to build would use the OAuth functionality of WSO2
The architecture mandates each an authentication, a profiles and a policy (authorization) with XACML (...) module. The alternative is to build it all ourselves but I think we won't have the time for this, but I need to understand if we can do the above mentioned things to make a decision if WSO2IS is a good choice for our needs.
I have read the available documentation, browsed the help system, installed WSO2IS and checked out the interfaces, but couldn't find the responses. The only thing I managed to do is create the OAuth server.
Please find my answers..
a) Yes.. WSO2 Identity Server supports SCIM which is the standard approach for identity provisioning. Also there are web service APIs, that expose user management functions. You can front those web service API using WSO2 APIM and can expose as REST API.
b) Yes.. Apart from REST and web service API, Identity Server supports for authentication methods such as SAML2SSO, OpenID, IWA and so on.
c) Yes.. same as a) you have both options SCIM or Web service API fronted with APIM
d) There is an authentication framework in the WSO2IS, that users can be authenticated with different server.. Basically WSO2IS can act as federated IDP that application knows only to talk to WSO2IS.. WSO2IS can authenticate users from any other IDP, It can be drupal as well
e) Yes.. XACML is supported by WSO2IS... Its PDP API has been exposed via web service API.. but not as a REST API.. but as i mentioned earlier, you can expose it as REST using APIM. However REST support for XACML would be available with the further release
Say I have a REST API hosted on a webserver:
someone.com/api/
I want to expose this REST API through a proxy service using WSO2 ESB.
esb.com/api/
It should forward whatever is after esb.com/api/. So if I hit:
esb.com/api/param1/param2
It should hit the real service using:
someone.com/api/param1/param2
How do I pass the URI parts to the real webservice from a proxy service?
Don't try to use Proxy services for REST API. Proxy Services are for the Web Services. Use API s avialable in WSO2 ESB which are similar to proxy services and intended for REST API. This Oxygen Tank article and this sample document will be useful for you.