First lets talk about how to expose the entitlement service in the Identity Server.
1) Go to <IS HOME>\wso2is-4.5.0\repository\conf and open the carbon.xml.
2) Change <HideAdminServiceWSDLs> to false as follows.
3) Start the Identity Server.
4) Copy and paste the following url on the browser address bar.
https://localhost:9444/services/EntitlementService?wsdl
If you have saved the settings correctly , you should be able to view the entitlement server wsdl.
5) Save the wsdl file.
Now lets see how to use the wsdl and SoapUI to send requests.
1) Open SoapUI.
2) Go to File in top menu bar and select New SoapUI Project.
3) Give a project and browse for the wsdl file.
4) Then click OK and the simple requests for all operations will be created automatically.
5) Then Select getDecisionByAttributes request as follows.
6) Then fill in the parameter details as follows for our xacml policy we have written.
7) Then you have to authorize the request by entering authorization values as admin , admin for username and password respectively.
Now you can send the request and check for the decisions. The Permit is received as the decision only when the user id 124 trying to READ.
In the next post we will look at a use case scenario where fine grained authorization achieved via xacml engine in WSO2 IS 4.5.0 with PIP points.
Thank you!
2 comments:
Thanks, Umesha. I was looking for that service!
Hi, Umesha. this service is easier than getDecision(). how about this service? I don't know how to assemble a request in SOAP UI, can you help :)
Post a Comment