WSO2 如何将 ESB 与 Identity Server 集成 [英] WSO2 how to Integrate ESB with Identity Server
问题描述
也许我的理解有误,请指教.
Maybe my understanding is wrong, please advice.
要求:
(1) 用户 A 和用户 B 想访问一个 Web 服务 SayHello.
(1) user A, and user B wanna to access a web service SayHello.
(2) 只有用户 A 有权限.
(2) only user A has permission.
(3) SayHello Web 服务只返回一个字符串hello"
(3) SayHello web service simply return a string "hello"
以前:
(1) 要调用SayHello,根据SayHello?wsdl 创建一个客户端.-- 成功
(1) To invoke SayHello, create a client according to SayHello?wsdl. -- Success
(2)通过ESB创建代理服务SayHelloProxyService,将该代理服务托管到SayHello服务,根据SayHelloProxyService?wsdl创建客户端.--成功
(2) Create a proxy service SayHelloProxyService through ESB, host this proxy service to SayHello service, create a client according to SayHelloProxyService?wsdl. --Success
现在:
在里面添加Identity Server,只给用户A访问权限,如下图:
Add Identity Server inside, only give user A access permission, something like the following diagram :
问题:
现在,我在想如果我还想调用 SayHelloProxyService,我应该更改客户端的代码吗?携带一些令牌,如用户名或 SayHelloProxyService 什么?如果是这样如何编写客户端代码?也许我的理解是完全错误的,但如果有一个关于将有很大帮助的小例子,有人知道吗?
for now, I'm thinking if I still wanna to invoke SayHelloProxyService, should I change the client's code? carrying some tokens like username or what to SayHelloProxyService? if so how to write the client code? maybe my understanding is totally wrong, but if there is a small example regarding will be a great help, could anyone know about this?
先谢谢你.
推荐答案
我的理解是您设置了错误的权限.配置 > 用户和角色 > 角色"中的角色权限仅对服务器本身在本地有效,这在您的场景中是有效的,但对外部服务无效.
My understanding is that you are setting the wrong permissions. Role permissions in "Configure > Users and Roles > Roles" are only valid locally for the server itself, which is IS in your scenario, but not for external services.
如果您需要 IS 授权某些服务,而不是更改客户的代码,您可能希望创建一个简单的 XACML 策略,如 [1] 中所述,并启用 WSO2IS 作为策略决策点.
If you need IS to authorize some service, rather than changing your client's code, you might want to create a simple XACML policy like it is described in [1], and enable WSO2IS as a policy decision point.
[1] http:///wso2.org/library/articles/2010/10/using-xacml-fine-grained-authorization-wso2-platform
这篇关于WSO2 如何将 ESB 与 Identity Server 集成的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
