Your suggestion is good,
However, I don't want to redirect my application to APIM and prompt the
login screen.
Rather, *as an alternative*, I'd like to invoke user validation APIM
API ( *exist
?*) for authentication. Do we have user validation APIM API?
*something like this ...*
// invoke APIM LDAP user authentication API
*// Request JSON payload data:*
{
"credentials": {
"username": "userx",
"password": "mypass"
}
}
*// Response data:*
{
"response": {
"status": "true"
}
}
Do we have similar such facility?
Regards
Shib
On Mon, Jun 11, 2018 at 5:01 PM, Harsha Kumara <[email protected]> wrote:
>
>
> On Mon, Jun 11, 2018 at 2:57 PM shibsankar <[email protected]> wrote:
>
>> Let me explain in detail what I plan to achieve.
>>
>>
>> Step 1: User will login to my web application (angular js front end).
>>
>> *Step 2: I want to validate these users against LDAP User Store
>> configured in WSO2*
>>
> I think it would be best to use implict grant type for this purpose.
> Basically when someone want to login to the your application they will be
> redirect to APIM which they will prompt the login screen. After successful
> authentication they will obtain a token and redirect back to your
> application.
>
>> Step 3: Once these users are authenticated, I plan to invoke token API
>> with password grant to obtain an OAuth 2 token.
>>
>> Step 4: Once I receive the OAuth2 token, I would invoke APIM to get a
>> response from backend rest API.
>>
>>
>> I'm at *Step 2. * Can we authenticate logged in users against WSO2 LDAP
>> user store? whats the curl command for this?
>>
>> Regards
>> Shib
>>
>>
>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
>> Virus-free.
>> www.avast.com
>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
>> <#m_8422013387296300243_m_4987511863897348861_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>>
>> On Mon, Jun 11, 2018 at 2:34 PM, Dinusha Dissanayake <[email protected]>
>> wrote:
>>
>>> Hi Shib,
>>>
>>> I guess you are authenticating the user to perform certain operations in
>>> APIM through rest APIs ?.
>>> Please refer the documentation[1] which includes details of our REST
>>> APIs (store/publisher and admin portal). There it has explained what you
>>> have to do to get the necessary access tokens before invocation those rest
>>> APIs. Please refer the "Getting started" section of any of the subsections
>>> (eg [2] ) for necessary details.
>>>
>>> [1] https://docs.wso2.com/display/AM210/RESTful+APIs
>>> [2] https://docs.wso2.com/display/AM210/apidocs/store/#guide
>>>
>>>
>>>
>>> On Mon, Jun 11, 2018 at 2:21 PM, shibsankar <[email protected]> wrote:
>>>
>>>> I have configured LDAP as a User Store in WSO2 (*screenshot attached*).
>>>> This is okay.
>>>>
>>>> Now I plan to send an LDAP user id & password through *Postman *to
>>>> WSO2 server to verify successful authentication.
>>>>
>>>> Could you please tell which WSO2 URL to invoke and what parameters to
>>>> pass through *Postman* to test successful authentication?
>>>>
>>>> Regards
>>>> Shib
>>>>
>>>>
>>>> On Mon, Jun 11, 2018 at 12:46 PM, Dinusha Dissanayake <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi Shib,
>>>>>
>>>>> Yes you can. But you may need to configure LDAP as a user store first.
>>>>>
>>>>> Please follow the document[1] to configure use stores.
>>>>>
>>>>> [1] https://docs.wso2.com/display/AM210/Configuring+User+Stores
>>>>>
>>>>> Thanks,
>>>>> DinushaD
>>>>>
>>>>> On Mon, Jun 11, 2018 at 12:42 PM, shibsankar <[email protected]> wrote:
>>>>>
>>>>>> Hi,
>>>>>> I have an LDAP with user credentials.
>>>>>>
>>>>>> Can I use LDAP user credentials as password grant to generating
>>>>>> Oauth 2 token?
>>>>>>
>>>>>>
>>>>>> *Please see the screenshot attached.*
>>>>>>
>>>>>> Regards
>>>>>> Shib
>>>>>>
>>>>>>
>>>>>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
>>>>>> Virus-free.
>>>>>> www.avast.com
>>>>>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
>>>>>> <#m_8422013387296300243_m_4987511863897348861_m_5925729601328441019_m_4045808147317074170_m_3545910350936696630_m_-7733728954474898531_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Dinusha Dissanayake
>>>>> Software Engineer
>>>>> WSO2 Inc
>>>>> Mobile: +94712939439
>>>>> <https://wso2.com/signature>
>>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Dinusha Dissanayake
>>> Software Engineer
>>> WSO2 Inc
>>> Mobile: +94712939439
>>> <https://wso2.com/signature>
>>>
>>
>>
>
> --
> Harsha Kumara
> Associate Technical Lead, WSO2 Inc.
> Mobile: +94775505618
> Blog:harshcreationz.blogspot.com
>
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
