Friday, November 20, 2015

WSO2 Identity Server - How to add new attributes to the XACML Policy Editor

Hi All,

This is a very quick tutorial on how to add new attribute to the XACML policy editor.

1) I have a newly introduced  claim as special name and I need to add this to the XACML policy editor

2) Go to Policy Administration -> Add new entitlement policy and you can see all the policy editors

3) Click 'here' link on the Standard Policy Editor description



4) First you need to add SpecialName as an <attributeId> as follows :-


5) Then add the arrtibute description under <attributeIds>


6) Once you update you can see this new attribute in the relevant areas of the policy editor as follows :-


Cheers..!!

Tuesday, November 17, 2015

How to apply security policies with WSO2 ESB 4.9.0

Hi All,

Here is a quick tutorial on how to create a secured service in WSO2 ESB 4.9.0. As QoS is removed from the admin console, now you will have to use WSO2 Developer Studio to apply the relevant security policies for the proxy services.

1) Download WSO2 ESB 4.9.0 and WSO2 Developer Studio 3.8.0
2) Extract these into folders
3) First we need to create a policy using the developer studio
Please refer following URL on creating a new policy - here we can use UsernamToken Policy
policy https://docs.wso2.com/display/DVS380/Applying+Security+for+a+Service#ApplyingSecurityforaService-Creatingthesecuritypolicy

4) Then you need to create the proxy service - for this first create an ESB Config Project from the Developer Studio Dashboard - then right click on the project name and add a proxy service

5) For this scenario lets create a simple Pass through proxy- lets use StockQuote Sample as the sample endpoint

Please follow the following link on how to startup the sample services https://docs.wso2.com/display/ESB490/Setting+Up+the+ESB+Samples#SettingUptheESBSamples-StartingtheAxis2server

6) After creating the proxy , you need to add the previously created security policy to the proxy service

Please refer the following guide on how to do that  https://docs.wso2.com/display/DVS380/Applying+Security+for+a+Service#ApplyingSecurityforaService-Applyingsecurityforaproxyservice

7) After creating both proxy service and the policy , you need to deploy this into the ESB. For this purpose lets create a composite application First

8) Go to the Developer studio dashboard and Click on Composite Application Project - there give a name to the project and select both the proxy service project and the policy project you have created and click on Finish

9) Now right click on the created composite application project and click on Export Composite Application Project

10) Now startup the ESB server and Login - then go to Carbon Applications from the right side menu and upload the car file by clicking on Add

11) After the successful deployment of the .car file when you go to list the proxy services you can see the created Proxy Service with Security Applied


12) Click on Try this Service and the following window will be opened


Note :- please enter the username and password and select the https endpoint as shown above and invoke the service with a parameter ex:- IBM

You will get the relevant response :)

Cheers...!!

Friday, November 13, 2015

WSO2 Identity Server - Quick tutorial on how to invoke Authentication admin Login via SOAPUI

1. Download WSO2 Identity Server latest version (in this blog I have used 5.0.0)
2. Extract the .zip file and go to  <PRODUCT_HOME>/repository/conf/carbon.xml file.
3. Change <HideAdminServiceWSDLs> element to false 
4. Start the Identity Server by running the wso2server.bat (in windows environment .sh in linux) file in the bin folder
5.You can access the Authentication admin wsdl by typing the following into the browser url https://localhost:9443/services/AuthenticationAdmin?wsdl
6. Please refer this url for how to list all the admin services offered by WSO2 IS 
https://docs.wso2.com/display/IS500/Calling+Admin+Services
7. Now copy the wsdl url and create a new project in SOAPUI

8. Then double click on the login request and fill in the parameters for the login request as below

9. Once you invoke it you can see the response as true of false in the SOAPUI and also on the console of Identity Server as 

[2015-11-13 16:53:21,451]  INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  'hasini@carbon.super [-1234]' logged in at [2015-11-13 16:53:21,451+



cheers...!!!