Hi, I installed OAuth feature of WSO2 IS and was able to generate a token and validate a token by invoking the admin services using SOAP UI. I will now try to do the same with code at the time of application deployment.
Found several issues We already use SSO feature, so newest oauth feature did not work due to CNF issues. identity is not compatible with oauth feature On Tue, Nov 18, 2014 at 12:59 PM, Udara Liyanage <ud...@wso2.com> wrote: > Hi Sumedha, > > > Currently "no". We need to support both Single JVM and destributed setups. > For single JVM, we may need to install either API manager key-manager > feature or IS oAuth feature. > > On Tue, Nov 18, 2014 at 12:31 PM, Sumedha Rubasinghe <sumedh...@gmail.com> > wrote: > >> Udara, >> Do you have WSO2 API Manager/IS running? >> >> On Tue, Nov 18, 2014 at 11:00 AM, Udara Liyanage <ud...@wso2.com> wrote: >> >>> Hi, >>> >>> Currently we use username/password base authentication when retrieving >>> and publishing metadata via metadata service API. The issue with this >>> approach is one client can access/alter other app's data if it know the >>> application id. >>> I suggest to use oAuth to secure resources and let the client access >>> only the metadata related to its application. >>> I am doing R&D on possible ways of accomplishing this task and will >>> update the thread on my finding. Currently I am assesing the feasibility of >>> WSO2 IS Oauth feature and WSO2APIM key manager feature. >>> >>> >>> -- >>> >>> Udara Liyanage >>> Software Engineer >>> WSO2, Inc.: http://wso2.com >>> lean. enterprise. middleware >>> >>> web: http://udaraliyanage.wordpress.com >>> phone: +94 71 443 6897 >>> >> >> > > > -- > > Udara Liyanage > Software Engineer > WSO2, Inc.: http://wso2.com > lean. enterprise. middleware > > web: http://udaraliyanage.wordpress.com > phone: +94 71 443 6897 > -- Udara Liyanage Software Engineer WSO2, Inc.: http://wso2.com lean. enterprise. middleware web: http://udaraliyanage.wordpress.com phone: +94 71 443 6897
