You can do this with the WSO2 Application Server. First you can define the new roles you need to have using User Manager.
Then WSO2 AS can be used to develop your front end as a web application. As in a normal web application you can assign roles to control the access to the servelets. Basically you can use the defined roles in web.xml. If your back end is implemented as a set of web services then you can use the role based access control to services with the User Name token. (please see the security wizard). In future we will add the role based authorization to operation level as well for any authentication mechanism. thanks, Amila. On Fri, Mar 4, 2011 at 11:30 PM, Xue-Feng Yang <just4l...@yahoo.com> wrote: > > > ----- Forwarded Message ---- > *From:* Xue-Feng Yang <just4l...@yahoo.com> > *To:* Prabath Siriwardana <prab...@wso2.com> > *Cc:* carbon-dev@wso2.org > *Sent:* Sat, March 5, 2011 1:18:16 AM > *Subject:* Re: [Carbon-dev] User based authorization is depreciated in > AuthorizationManager in carbon core > > Good. > > Is there anything like user based role access control in wso2 middleware? > > The meaning of user based role access control is: In social network, any > user can setup the access roles for people visiting his/her pages. For > example, for common person: his/her family friends, work friends, > classmates, sport teammates, and so on; or for an enterprise user: his/her > team members, managers, upstream partners, downstream partners, and so on. > This role access control is only for one user's pages, not affects to > other's pages. > > It is different from the one I saw in those samples and docs. > > Thanks, > > Xue-Feng > > ------------------------------ > *From:* Prabath Siriwardana <prab...@wso2.com> > > *To:* carbon-dev@wso2.org > *Cc:* Xue-Feng Yang <just4l...@yahoo.com> > *Sent:* Sat, March 5, 2011 12:58:27 AM > > *Subject:* Re: [Carbon-dev] User based authorization is depreciated in > AuthorizationManager in carbon core > > User based authorization means - ability to assign a particular user a set > of permission. > > We have deprecated this support with role based access control. Every user > belongs to a role and user inherits permissions from the group he belongs > to. > > Thanks & regards, > -Prabath > > On Fri, Mar 4, 2011 at 10:13 PM, Xue-Feng Yang <just4l...@yahoo.com>wrote: > >> Hi, >> >> What is the user based authorization you two talked about? I would like to >> know the current situation, docs, and samples on it. >> >> Thanks, >> >> Xue-Feng >> >> ------------------------------ >> *From:* Amila Suriarachchi <am...@wso2.com> >> *To:* carbon-dev@wso2.org >> *Sent:* Wed, March 2, 2011 5:41:45 PM >> *Subject:* Re: [Carbon-dev] User based authorization is depreciated in >> AuthorizationManager in carbon core >> >> SQS Autherization is user based. so we need user based autherization at >> the carbon Autherization manager level. >> >> thanks, >> Amila. >> >> On Tue, Mar 1, 2011 at 11:07 PM, Manjula Rathnayake <manju...@wso2.com>wrote: >> >>> Hi all, >>> >>> In SQS implementation we have used set of methods related to user based >>> authorization, to provide queue sharing functionality. >>> And In the code review, This was discussed that using depreciated methods >>> in new codes is can not be accepted. >>> >>> So we could not find out any alternate method to get the user based >>> authorization done. >>> Even though the methods (authorizeUser, clearUserAuthorization) are >>> depreciated, they work fine. >>> >>> Can we make available user based authorization methods or any other >>> suggestions on this, please. >>> >>> Thank you. >>> >>> -- >>> Manjula Rathnayaka >>> Software Engineer >>> WSO2, Inc. >>> Mobile:+94 77 743 1987 >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> Carbon-dev@wso2.org >>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> _______________________________________________ >> Carbon-dev mailing list >> Carbon-dev@wso2.org >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > Thanks & Regards, > Prabath > > http://blog.facilelogin.com > http://RampartFAQ.com > > > > _______________________________________________ > Carbon-dev mailing list > Carbon-dev@wso2.org > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
