Hi Ushani,

Please see my answers inline.


>
> Does it mean that I use the cookie to capture the Basic Auth token needed
> for the admin service, if my understanding is correct?
>
You don't need to capture the Basic Auth token; you can pass the cookie via
HTTP headers to the backend, then the backend validates whether there is an
existing session with the session id of the cookie and allows you to invoke
services.


> Can you please let me know what value should I retrieve from the cookie and
> appreciate if you can guide me to an example in some documentation, blog or
> etc.
>

You don't need to extract any value from the cookie; you can pass the same
cookie as HTTP headers to the backend. You can refer to [1] for how to call
backend APIs; please check the usages of that and see how to pass the
required values.


[1]
https://github.com/wso2/product-is/blob/5.x.x/modules/jaggery-apps/user-dashboard/dashboard/controllers/wsUtil.jag



>
> Thanks,
>
> On Tue, Nov 7, 2017 at 12:34 PM, Godwin Shrimal <god...@wso2.com> wrote:
>
>> Hi Ushani,
>>
>> According to what I explained above, you don't need to capture the
>> username and generate the basic auth token. You can get the cookie after
>> successful authentication and use that cookie to invoke backend services.
>>
>> Thanks
>> Godwin
>>
>>
>> On Tue, Nov 7, 2017 at 12:18 PM, Ushani Balasooriya <ush...@wso2.com>
>> wrote:
>>
>>> Hi Godwin,
>>>
>>> Yes that is what I need to do.
>>> For the Post binding I got the inputs from the servlet and set the Basic
>>> auth token in session and use it when invoking the backend.
>>>
>>> My problem is during the redirect binding.
>>>
>>> Since the login can be any third-party IDP and I need to provide login
>>> credentials in IDP login screen, I need to find out how to capture
>>> credentials in order to generate Basic auth token.
>>>
>>> Thanks,
>>>
>>>
>>> On Tue, Nov 7, 2017 at 12:00 PM, Godwin Shrimal <god...@wso2.com> wrote:
>>>
>>>> Hi Ushani,
>>>>
>>>> As I understand, you want to invoke services in the Identity Server
>>>> after SSO login. Please explain if not. If yes, you can do the same as we
>>>> do in the Identity Server dashboard. We take the cookie from the header and
>>>> use that cookie to invoke backend services.
>>>>
>>>>
>>>> Thanks
>>>> Godwin
>>>>
>>>> On Tue, Nov 7, 2017 at 11:20 AM, Ushani Balasooriya <ush...@wso2.com>
>>>> wrote:
>>>>
>>>>> Hi Malithi,
>>>>>
>>>>> Thanks for the response. But my concern is IDP can be any one like
>>>>> Wso2IS, Salesforce, facebook etc. So for me to invoke I assume I should
>>>>> know the client ID and secret of the relevant IDP right? Please correct me
>>>>> if I am wrong. I just need to invoke the admin services using Basic Auth.
>>>>>
>>>>> Appreciate your response.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> On Tue, Nov 7, 2017 at 11:12 AM, Malithi Edirisinghe <
>>>>> malit...@wso2.com> wrote:
>>>>>
>>>>>> I think you can use SAML bearer grant here and use the access token
>>>>>> to access APIs
>>>>>>
>>>>>> Thanks,
>>>>>> Malithi
>>>>>>
>>>>>> On Tue, Nov 7, 2017 at 10:11 AM, Ushani Balasooriya <ush...@wso2.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Appreciate your response.
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>> On Mon, Nov 6, 2017 at 2:04 PM, Ushani Balasooriya <ush...@wso2.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi IAM team,
>>>>>>>>
>>>>>>>> As a part of my third party web application implementation to add
>>>>>>>> users and roles I would like to try if the logged in admin user can
>>>>>>>> perform the relevant activity within the app.
>>>>>>>>
>>>>>>>> In order to test Login in to the web app I will be using SAML Post
>>>>>>>> binding and as well as the Redirect binding.
>>>>>>>>
>>>>>>>> When I use the Post binding, I can capture the user name and
>>>>>>>> password and generate Basic authentication token retrieving it from the
>>>>>>>> servlet request.
>>>>>>>>
>>>>>>>> My question is,
>>>>>>>>
>>>>>>>> 1. If I use redirect binding, since the IDP can be any application
>>>>>>>> like wso2 IS or Facebook or salesforce etc *(a)* is it a valid use
>>>>>>>> case to use the logged in user admin's credentials to generate auth
>>>>>>>> token?
>>>>>>>>
>>>>>>>> *(b)* Or should I hard code one particular admin user's
>>>>>>>> credentials or auth token which is configured as admin for the
>>>>>>>> third-party web app to perform the relevant activities?
>>>>>>>>
>>>>>>>> 2. If *(a)* is valid, how can I retrieve it from the session. I
>>>>>>>> can retrieve the username from the SAML2SSO session, but my question
>>>>>>>> is how to retrieve the password to generate auth token?
>>>>>>>>
>>>>>>>> Appreciate your response.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> --
>>>>>>>> *Ushani Balasooriya*
>>>>>>>> Associate Technical Lead - EE;
>>>>>>>> WSO2 Inc; http://www.wso2.com/.
>>>>>>>> Mobile; +94772636796
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> *Malithi Edirisinghe*
>>>>>> Associate Technical Lead
>>>>>> WSO2 Inc.
>>>>>>
>>>>>> Mobile : +94 (0) 718176807
>>>>>> malit...@wso2.com
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> *Godwin Amila Shrimal*
>>>> Associate Technical Lead
>>>> WSO2 Inc.; http://wso2.com
>>>> lean.enterprise.middleware
>>>>
>>>> mobile: *+94772264165*
>>>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/
>>>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>*
>>>> twitter: https://twitter.com/godwinamila
>>>> <http://wso2.com/signature>
>>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>
>
>
>
>


-- 
*Godwin Amila Shrimal*
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: *+94772264165*
linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/
<https://www.linkedin.com/in/godwin-amila-2ba26844/>*
twitter: https://twitter.com/godwinamila
<http://wso2.com/signature>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
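
The approach described in the reply at the top of this thread, sketched as an added example (not code from the thread or from the wsUtil.jag file it links): the web app forwards only the caller's session cookie to an allowlisted HTTPS backend and never handles the user's password. The cookie name `JSESSIONID`, the host `is.example.com:9443`, the service path and the function names are assumptions.

```javascript
// Added example; all names, hosts and paths below are assumptions.
const SESSION_COOKIE = "JSESSIONID";                        // assumed session cookie name
const ALLOWED_BACKENDS = new Set(["is.example.com:9443"]);  // constructed backend host

// Parse a Cookie request header into a name -> value map.
function parseCookies(header) {
  const jar = new Map();
  for (const part of (header || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq < 1) continue;                                   // skip malformed pairs
    jar.set(part.slice(0, eq).trim(), part.slice(eq + 1).trim());
  }
  return jar;
}

// Build a backend request that reuses the caller's authenticated session.
// Nothing else from the incoming request (other cookies, Authorization)
// is copied, so no credential ever has to be captured or stored.
function backendRequest(incomingHeaders, backendUrl, soapAction) {
  const url = new URL(backendUrl);
  if (url.protocol !== "https:") throw new Error("backend must be https");
  if (!ALLOWED_BACKENDS.has(url.host)) throw new Error("backend not allowlisted");

  const sid = parseCookies(incomingHeaders.cookie).get(SESSION_COOKIE);
  if (!sid || /[\s;,]/.test(sid)) throw new Error("no usable session cookie");

  return {
    url: url.href,
    method: "POST",
    headers: {
      "Content-Type": "text/xml; charset=utf-8",
      SOAPAction: soapAction,
      Cookie: `${SESSION_COOKIE}=${sid}`,                   // session cookie only
    },
  };
}

// Constructed sample of headers arriving after a successful SSO login.
const sampleIncoming = {
  cookie: "theme=dark; JSESSIONID=ABC123DEF456; tracker=xyz",
  authorization: "Basic constructed-placeholder",
};
```

The backend decides whether the session behind that cookie is still valid; an expired or unknown session id should surface as an authentication failure to the user rather than trigger any fallback to stored credentials.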
