Switch Authentication Handler in Authentication Manager - authentication

I know there are a hell of a lot of docs about Spring Security. However, I am unable to find an answer to my problem.
As I understand it, the configuration below will make the authentication manager traverse each authentication provider until a match is found.
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
    <property name="providers">
        <list>
            <ref local="ldapAuthenticationProvider"/>
            <ref bean="${bean.daoAuthenticationProvider}"/>
            <ref bean="anonymousAuthenticationProvider"/>
        </list>
    </property>
</bean>
However, I want to switch among the available providers based on a request parameter, instead of trying all of them. I was wondering if it's possible to switch using a filter or any other way?

Subclass ProviderManager and override getProviders(). Because getProviders() doesn't take any params you'll need to set a ThreadLocal somewhere in the filter chain with either the request or a flag that the request has the parameter you want.
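A sketch of the approach in the answer above, as an added example that is not code from the original post. It assumes the Spring Security 2.x ProviderManager from the question, whose authentication loop iterates over getProviders(); the class names, the authType parameter and the providersByKey property are hypothetical. The request value is only used as a lookup key into a server-side map, and the ThreadLocal is cleared in a finally block so a pooled thread never carries one request's choice into the next.

```java
import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.*;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.ProviderManager;

/** Holds the provider key chosen for the request handled by the current thread. */
final class ProviderChoice {
    private static final ThreadLocal<String> KEY = new ThreadLocal<String>();
    static void set(String key) { KEY.set(key); }
    static String get() { return KEY.get(); }
    static void clear() { KEY.remove(); }
}

/** Must be placed before the authentication processing filter in the chain. */
class ProviderChoiceFilter implements Filter {
    public void init(FilterConfig cfg) {}
    public void destroy() {}
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // "authType" is a hypothetical parameter name; the value is untrusted input.
        ProviderChoice.set(req.getParameter("authType"));
        try {
            chain.doFilter(req, res);
        } finally {
            ProviderChoice.clear(); // pooled threads must not keep a previous request's choice
        }
    }
}

/** Returns a single provider per request instead of the whole configured list. */
class SwitchingProviderManager extends ProviderManager {
    private Map<String, AuthenticationProvider> byKey = new HashMap<String, AuthenticationProvider>();

    public void setProvidersByKey(Map<String, AuthenticationProvider> m) { this.byKey = m; }

    @Override
    public List getProviders() {
        String key = ProviderChoice.get();
        AuthenticationProvider p = (key == null) ? null : byKey.get(key);
        // Only keys present in the server-side map select a provider; a missing or
        // unknown key falls back to the list configured in the "providers" property.
        return (p == null) ? super.getProviders() : Collections.singletonList(p);
    }
}
```

Declare SwitchingProviderManager as the authenticationManager bean, keep the existing providers list, and inject providersByKey as a map of key to provider bean.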

Related

WSO2 API Authentication for multiple users

I need to add multiple credentials for one API in wso2 MI. How to achieve this?
If you want to allow a selected set of users to access an API, you may have to use role-based authorization, where you can create a role in MI, assign this role to the users you wish to give access to, and then whitelist this role in the API. For this, you can use this Custom Handler and engage it as shown below.
<handler class="com.ycr.auth.handlers.AuthorizationHandler">
    <property name="roles" value="admin,test" />
    <property name="authorize" value="true" />
</handler>
You can read more on this here.

Add authentication to an existing API using WSO2 AM

I have created an API using WSO2 EI that looks like https://localhost:8243/services/ABC.
Then I want to create another API that uses the above API as the endpoint in order to add authentication. So how can I pass values to the URL pattern and endpoint to get that?
When the URL pattern is /xyz and the endpoint is https://localhost:8243/services/ABC, it points to https://localhost:8243/services/ABC/xyz, which is not my endpoint.
Thank you so much!
You can attach a custom sequence to the API.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="header_sequence">
    <property name="REST_URL_POSTFIX" scope="axis2" action="remove"/>
</sequence>
This drops the resources and does not append them to the path.
Please refer - https://apim.docs.wso2.com/en/latest/deploy-and-publish/deploy-on-gateway/api-gateway/message-mediation/mapping-the-parameters-of-your-backend-urls-with-the-api-publisher-urls/#mapping-the-parameters-of-your-backend-urls-with-the-api-publisher-urls
As per my understanding, you are trying to invoke the backend https://localhost:8243/services/ABC via the API created in APIM. You can try out the following to achieve it:
In the API created in APIM, you can simply add the URL https://localhost:8243/services as the endpoint and then create a resource path as /ABC.

Replicated API in multiple backends WSO2 API Manager

I have one API replicated in multiple backends. I don't have any condition that can differentiate between backends. I tried to use dynamic endpoints and change the message mediation flow:
https://apim.docs.wso2.com/en/latest/deploy-and-publish/deploy-on-gateway/api-gateway/message-mediation/changing-the-default-mediation-flow-of-api-requests/
However, the only difference between requests is the IP address of the backend server:
https://{uri.var.host}/resource
I'm thinking of creating the API each time and changing the endpoint address, but this solution can be complex, as I will have the same API replicated many times (around 100) in the WSO2 API Manager. Is there any other solution that can fit my use case?
We can make use of Dynamic Endpoints to achieve your requirement. But the client applications need to send either a param or a header to filter on and construct the BE server URL in the mediation sequence to route the requests in the API Manager.
If the client applications can send a header specifying a unique (server) name or any other value while invoking the API, we can use the key to filter (or perform a switch case operation), construct the BE server URL in the mediation sequence and route the requests to the respective BE services. Refer to the following Docs for more information.
A sample mediation sequence will be as follows (the client application will be sending a header named X-ServerName with a name):
<sequence xmlns="http://ws.apache.org/ns/synapse" name="dynamic-endpoint-seq">
    <!-- extract the name from the header -->
    <property name="server_name" expression="$trp:X-ServerName" />
    <!-- switch case for all applicable names -->
    <switch source="$ctx:server_name">
        <case regex="server-one">
            <property name="service_ep" value="http://server-one-ip/resource"/>
        </case>
        <case regex="server-two">
            <property name="service_ep" value="http://server-two-ip/resource"/>
        </case>
        <default>
            <property name="service_ep" value="http://server-default-ip/resource"/>
        </default>
    </switch>
    <header name="To" expression="get-property('service_ep')"/>
</sequence>
Dynamic Endpoints in API Manager
Switch Mediator in WSO2

Hadoop Authentication http-signature.secret file

I am using hadoop-2.6.0 secured with Kerberos authentication. For HTTP authentication there is a property called hadoop.http.authentication.signature.secret.file.
I have set this property as below in core-site.xml:
<property>
    <name>hadoop.http.authentication.signature.secret.file</name>
    <value>C:\http-signature.secret</value>
</property>
and the http-signature.secret file is empty. But HTTP authentication is working fine. If I disable this property then I get an error while starting the nodes.
I want to know the usage of this secret file. Why should we set this property? I have googled it but couldn't find the reason.
Help me to understand the usage of this file.
I found the answer in the below link
http://hadoop.apache.org/docs/stable1/HttpAuthentication.html

REST-Apache CXF-Schema validation

I am using a RESTful web service built with Apache CXF (blended with Spring).
I am exposing two services in my WADL.
For every request to my web service, I need to validate the request against a particular schema. One of my exposed services uses a specific schema and the other service complies with another specific schema.
Can you help me?
There are a couple of ways to do what you need. One way is using the jaxrs:schemaLocations element:
<beans>
    <jaxrs:server address="/" serviceClass="com.something.ServiceClass">
        <jaxrs:schemaLocations>
            <jaxrs:schemaLocation>classpath:/schemas/a.xsd</jaxrs:schemaLocation>
            <jaxrs:schemaLocation>classpath:/schemas/b.xsd</jaxrs:schemaLocation>
        </jaxrs:schemaLocations>
    </jaxrs:server>
</beans>
For more information and examples please see this link.