CODEWITHSUNDEEP
securitywso2
jdmichal
jdmichal

Reputation: 11152

WSO2 Carbon - Programmatically Apply Security

I am attempting to write code to programmatically secure a service on a WSO2 Carbon server. I have deconstructed the JSP security code enough to know that it uses the SecurityAdminService to actually execute security operations. I am successfully sending messages to the SecurityAdminService, but get the following error:

<soapenv:Fault xmlns:axis2ns1="http://schemas.xmlsoap.org/soap/envelope/">
    <faultcode>axis2ns1:50977</faultcode>
    <faultstring>Access Denied. Please login first.</faultstring>
    <detail/>
</soapenv:Fault>

This is not really unexpected, but I cannot figure out any way to pass user credentials in this request. The JSP code doesn't offer much help here, as it does login and credential handling through cookies. Is there a way to handle authorization at the same time as the request? Or do I need to just copy what the JSP pages do and POST to a login URL and copy the session cookie into the request?

Upvotes: 0

Views: 298

Answers (1)

Prabath Abeysekara
Prabath Abeysekara

Reputation: 1085

Before calling any of the admin services, you have to first call the AuthenticationAdmin service and get yourself authenticated (against the carbon userstore), as a valid user. You can easily use the AuthenticationAdminStub to call its login method providing your username, password and the hostname/ip of the backend server to get this done. Then you ll be able to successfully proceed with what you've already implemented.

Regards, Prabath

Upvotes: 2

Related Questions