Monday, October 7, 2013

Fine-grained authorization with PIP points - WSO2 IS

Use Case Scenario :-
User ‘john’ trying to get READ access by using his user id.
Authorization should be given by validating the user id against user name, requesting use name information via PIP point.

PIP requesting information from a web service.











Now lets see how to implement this use case scenario.

1 ) First of all you need to have the jax-rs service implemented.
2) Then you need to deploy it in the application server.

6) You can use the TryIt tool in Identity Server as the PEP to test the XACML policy
7) You need to expose the entitlement service of the IS and then send request via SoapUI (you can also configure WSO2 ESB to further enhance the use case ) 




No comments:

Post a Comment