Next variation on the theme - SAML Authorization.
I have a web service deployed to WLS -
I register it with OEG -
I create the following policy -
Now let's look at the first filter -
Note the following -
SOAP Actor/Role set to Current Actor/Role only
Resource set to http://localhost:8082/SAMLAuthoriseDemo
This will be the OEG URL, with /SAMLAuthoriseDemo being the relative path I'll create later.
For Trusted Issuer:
I just selected one from the list offered, after pressing the Add button.
The Web Service filter simply calls the FraudCheckService
I create the relative path
I deploy and test
As expected, it throws an error -
Back in Service Explorer - add a SAML Authorization token
Configure as follows -
Choose the same Trusted Issuer as specified in the policy, as the policy filter only accepts assertions that have been issued by the selected SAML Authorities.
Set the Resource value to http://localhost:8082/SAMLAuthoriseDemo
Set the Action value to Read
View the token generated
Re-Test
We can also encrypt the token in Service Explorer
Re-test
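As an added illustration (not from the original post and not OEG's own code), the sketch below shows the kind of matching a SAML authorization check performs on the values configured above: trusted issuer, Resource and Action. It assumes a SAML 2.0 assertion layout, a constructed issuer name and validity window, and a hypothetical authorize helper. It does not verify the assertion's XML signature, which has to be validated before any field is trusted.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"

# Constructed sample assertion (SAML 2.0 layout assumed); issuer and dates are made up.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Issuer>CN=Example Issuer</saml:Issuer>
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z"/>
  <saml:AuthzDecisionStatement Resource="http://localhost:8082/SAMLAuthoriseDemo" Decision="Permit">
    <saml:Action Namespace="urn:oasis:names:tc:SAML:1.0:action:rwedc">Read</saml:Action>
  </saml:AuthzDecisionStatement>
</saml:Assertion>"""

def _ts(value):
    # Parse the UTC timestamp form used in the sample; raises ValueError otherwise.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def authorize(xml_text, trusted_issuers, resource, action, now):
    """Return (allowed, reason). Fails closed on anything missing or mismatched."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return False, "malformed XML"
    if root.tag != SAML + "Assertion":
        return False, "not a SAML assertion"
    issuer = (root.findtext(SAML + "Issuer") or "").strip()
    if issuer not in trusted_issuers:
        return False, "untrusted issuer"
    # Assumption: this sketch requires a validity window (Conditions is optional in SAML 2.0).
    cond = root.find(SAML + "Conditions")
    if cond is None:
        return False, "no validity window"
    try:
        nb, na = _ts(cond.get("NotBefore", "")), _ts(cond.get("NotOnOrAfter", ""))
    except ValueError:
        return False, "bad validity window"
    if not (nb <= now < na):
        return False, "outside validity window"
    for stmt in root.iter(SAML + "AuthzDecisionStatement"):
        actions = {(a.text or "").strip() for a in stmt.findall(SAML + "Action")}
        if (stmt.get("Resource") == resource and stmt.get("Decision") == "Permit"
                and action in actions):
            return True, "permit"
    return False, "no matching Permit statement"
```

A token issued for a different Resource or Action, or by an issuer outside the trusted set, is rejected with a reason string that can be logged for troubleshooting.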