Hai Vijitha..!
Yes you are right..! The issue is that we have to pass the
username,pwd, cliend,id, cliend secret, access endpoint, authrize endpoint
with the HTTP header of the REST calls.
thats is why I said if we can somehow generate the access token to be
visible then we can jus
On Tue, Jan 15, 2013 at 7:27 PM, Sriragu Arudsothy wrote:
> Hai..!
>
> I have found some useful samples. After I went through I think I
> can generate the Access token using the [client id, secret, username, pwd].
> Also we can validate the access token to proceed or give an error messa
Hai..!
I have found some useful samples. After I went through I think I
can generate the Access token using the [client id, secret, username, pwd].
Also we can validate the access token to proceed or give an error message.
After we installed the OAuth feature through the feature manager
yes of course, pls let me know the time/venue.
Thanks!
Ragu
On Mon, Jan 14, 2013 at 10:24 PM, Prabath Siriwardena wrote:
> Hi Ragu,
>
> Shall we chat on this tomorrow...
>
> Thanks & regards,
> -Prabath
>
>
> On Mon, Jan 14, 2013 at 8:34 PM, Sriragu Arudsothy wrote:
>
>> Hai !
>>
>> As y
Hi Ragu,
Shall we chat on this tomorrow...
Thanks & regards,
-Prabath
On Mon, Jan 14, 2013 at 8:34 PM, Sriragu Arudsothy wrote:
> Hai !
>
> As you said I have to write a handler that should extracts the
> bearer token which is passed with the Http header with the request.
>
> The heade
Hai !
As you said I have to write a handler that should extracts the
bearer token which is passed with the Http header with the request.
The header format will be similar to[ Authorization: Bearer
wU62DjlyDBnq87GlBwplfqvmAbAa.] "wU62DjlyDBnq87GlBwplfqvmAbAa" as from the
API manager docume
On Sun, Jan 13, 2013 at 11:36 PM, Sriragu Arudsothy wrote:
> Hai Senaka..!
>
>OAuth 2.0 provides 4 types of Authentication grant
> type. All four types of grant types are requiring the client id/client
> secret atleast. The OAuthTokenValidationService requires either client
> i
You need to write a handler which extracts out the bearer token from the
HTTP request and calls the OAuth authorization server (AS). This is the
same logic in the API Gateway's API Handler.
You are the resource server and the communication between the Resource
Server(RS) and the AS has no standard
Hi Ragu,
I believe that we should be having standard answers to "how to secure a
REST API using OAuth 2.0" as well as "how to invoke a REST API secured with
OAuth 2.0", at least in the AM world. Can you get some insight into how
such is done.
Thanks,
Senaka.
On Sun, Jan 13, 2013 at 11:36 PM, Sri
Hai Senaka..!
OAuth 2.0 provides 4 types of Authentication grant type.
All four types of grant types are requiring the client id/client secret
atleast. The OAuthTokenValidationService requires either client id/client
secret or username/pwd with client secret depends on the OAuth
Hi Ragu,
While I'm unable to provide the best answer for #2 right away without doing
some research into how OAuth 2.0 is implemented in our platform, for #1,
you definitely can and must use the component and not IS for the REST API
implementation in G-Reg. Also, please validate that the features t
Hai ,
When invoke the REST calls to access the resources or resource
related properties, the request has to be authenticated against the user
credentials using OAuth 2.0. It is a jax web app running on G-Reg.
Currently it works without the OAuth mechanism. I went through some extent
on how
12 matches
Mail list logo