in fact i have read this article:
http://wso2.com/library/articles/2013/11/fine-grained-xacml-authoriation-with-pip-points/
it was really interesting for me. it matches very well what i want to do.
i've tried to do the same thing but using wso2am 1.7.0 API Manager.
But while i'm trying to retrieve the policies navigating in the carbon UI
home->PAP->PolicyAdministration
i got the following exception
The following error details are available. Please refer logs for more details.
org.apache.axis2.AxisFault: Exception occurred while trying to invoke service method getAllPolicies
at org.wso2.carbon.identity.entitlement.ui.client.EntitlementPolicyAdminServiceClient.handleException(EntitlementPolicyAdminServiceClient.java:478)
at org.wso2.carbon.identity.entitlement.ui.client.EntitlementPolicyAdminServiceClient.getAllPolicies(EntitlementPolicyAdminServiceClient.java:81)
at org.apache.jsp.entitlement.index_jsp._jspService(org.apache.jsp.entitlement.index_jsp:183)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111)
Can anyone help me answering these questions?
IS it possible to do the same thing with WSO2 AM?
Do you have idea to solve this issue?
Thanks.
Yes.. you can do it with APIM, but you need to install the XACML feature in to the Identity Server. According to the your comment, It seems to be that you have already installed the XACML feature in APIM. Because if not, you can not see the PAP->Policy Administration UI. But there can be some version mismatch when installing the feature.. Because APIM and WSO2IS may not have released in same version of the org.wso2.carbon.identity.entitlement.stub. However same type of SO question can be found from here. I have given some solution for it. You can try it as well. But if you are looking for proper deployment, I suggest to use Identity Server as separate PDP engine rather than installing PDP feature in the APIM. You can find about more details from here as well
Related
I have been trying to secure my Azure Cloudify Manager by putting on the Web UI where you need to log into the manager as shown here:
http://docs.getcloudify.org/3.4.0/manager_webui/login/
There doesnt seem to be any guides on it.
I am using version 3.4.0.2 that comes with the Installation of the Cloudify CLI
Any help would be much appreciated.
Thanks,
Tom
Tom,
The article you point to says "After bootstrapping the manager with security support[...]" which means you would have had to use a manager (bootstrap) blueprint that had security enabled. I believe the doc resource you're looking for can be found here:
http://docs.getcloudify.org/3.4.0/manager/security/
For specific reference, you can find the manager blueprint and the corresponding "security" section outlined here:
https://github.com/cloudify-cosmo/cloudify-manager-blueprints/blob/3.4.0.2/types/manager-types.yaml#L82
Hope that helps.
Joshua
has anybody tried installing in digital ocean? what is the recommended specification and have they exposed any REST APIs? Their documentation is not yet complete and unable to judge how to close to they are production ready?
It installs on Ubuntu (no matter which cloud provider) easily.
It is production ready, there was a blog post about it.
Documentation has been fulfilled to a 1.0 release too.
We are planning to use Okta as our identity provider and found some resources on its developer site, we was thinking to use Database sync option, we have already number of users on our own database so I want some detailed technical guidance that how we can sync things with Okta and how later we can support SAML 2.0 protocol with other identity providers.
Please provide some detailed things for start point. we are using mysql databases right now.
It would be great support if all technical resources in detail because I dont found enough detailed checklist on side.
Thanks
You might start with the On-Premise Provisioning Guide available at:
Example Setup of On-Premises Provisioning and MySQL
If you get stuck, add a comment to your question or ask a new one.
I am using SAML2.0 Protocol and I want to be a Service provider at my side.
I am using opensaml library to construct my provider. I am in need of a Identity Provider to test my set up.
Can I use Oracle as my Test Identity Provider ? Is it free to use ? I am already using salesforce as my test Idp. I need another Idp to test.
Summary :
Can I use Oracle SAML2.0 as Identity Provider to test my Service Provider? If not suggest me someother which is configurable basically.
EDIT: If Oracle can be used , could anyone please suggest the way to configure it?
Thanks in Advance.
There is an open, free to use basic Idp at http://stubidp.kentor.se. It will allow accept AuthnRequests from any source and reply back to the assertion consumer service URL specified in the AuthnRequest. Currently it can only provide a Subject NameId, but if that is enough it is a simple test solution.
Disclosure notice: I'm the author of the stubidp, but I won't make any money out of anyone using it, it's provided entirely as a free service.
Oracle is not free and is not trivial to install / configure.
You could install Shibboleth, SimpleSAMLphp or look at SSO Circle.
I'm trying my hand at using the Viewpoint gem (by zenchild # github) as the base for a meeting scheduling system. It's great at reading calendar information from regular Exchange 2007 accounts, but I got stuck trying to change the SOAP request header to allow me to read resource accounts as a delegate.
I came across Link and it seems to indicate what I need to end up with, and I have the feeling I'm in the right place, but I'm just not quite there yet as a ruby/soap programmer. Any help would be appreciated...
Thanks!
Scott,
I just saw your posting and I know it's a little old, but if you still need to solve your issue the upcoming version of Viewpoint has delegate access integrated into it. You can get it today by cloning the github repo.
http://github.com/zenchild/Viewpoint
If you take a look the README file it talks about it a bit, but if you need additional help send me a message on github or stackoverflow and I'll help you out.
Cheers,
Dan