Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I'm trying to develope a project in java where I'll have 3 different applications running on 3 different servers profiles(IBM WebSphere sevrer).
Application details...
1. Service app1 & Service App2.... When come one sends request to access resources of this app it will first check wherther user is a authorise user or not if no redirect for authentication or if authorise allow him to access the resource.
2. IdV App... this will aithorise the user by asking for user details and if authorize successfully assign saml token to user and redirect to the app from which it got request to authorize the user.
Note : I have searched a lot over internet and gone through the web service guide given by ibm guys also but I didn't found any concreate solution guiding the the way to implement this scenarion.
Guys Please suggest concreate solutions.
Please write proper comment if you are making negative comment.
After a lot of gooogle finally I found this website which will help step by step that how to setup SAML.
http://wiki.servicenow.com/index.php?title=SAML_2.0_Web_Browser_SSO_Profile
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I am a beginner in spring boot api . Currently I am through the videos and practicing the programming.
I am developing the application locally using intellij and ultimately aim to deploy to either Google cloud or AWS.
If I want to secure the api using oauth2 then is there any additional cost I need to consider like for eg., authorization server . What all I need to consider like cost, server, platform to deploy etc roughly before I start implementing REST api?any examples to guide for a beginner?
To secure your REST API, we will have to do the following things:
1- Configure Spring Security and the database.
2- Configure the authorization server and resource server.(you need to Create an Authorization Server)
3- Get an access token and a refresh token.
4- Get a protected Resource (REST API) using an access token.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
We want to use WSO2 AM or IS for authentication and authorization.
We have below main requirements.
WSO2 should be able to Authenticate user
We want to configure API access level in WSO2 example: ROLE based
Authorization (or Policy based ) where we can configure who can
access which web API with Http verb. (In the WSO2 API management,
each user have to subscribe the publish api but I do not want to give
the subscription process for the user)
We should be able dynamically to add/update/delete users, update
Authorization policies/ roles through WSO2 API.
A user can generate a token by rest call and they can access all
application without subscribing Any api.
All these features are available out of the box in WSO2 API Manager. Please go through the following document.
https://docs.wso2.com/display/AM260/Quick+Start+Guide
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'm writing a web-application using Java. It's for company's internal use.
Now I want to get the client's account name, which is in AD domain, and send it to server.
What tech should I follow?
Or, is there any other idea to complete the auto-login?
Consider this situation, the user login the windows system and open
our web app via browser, and the web app can know the user's windows
account name.
Thank you!
Based on the limited information, I guess the technology you are looking for is SPNEGO. This is the mechanism by which a browser on a windows machine can authenticate itself to a web-server transparently using the Kerberos keys present on the machine.
Here is a link to its Spring integration: http://projects.spring.io/spring-security-kerberos/
(I personally did not use the above Spring one, but used the Kerberos implementation that came with JDK 1.4)
The older non-secure version of windows transparent web-authentication used to be NTLM, but that shouldn't be supported anymore.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I need to create vm's in google compute engine. Through google OAuth playground i can create VM, using REST service calls. Same thing i want to do using JAVA as a normal program. For this i have endpoint and request payload. I am not able to understand how we can do OAuth using java. If i pass my gmail credentials in headers Authorization, it is giving like HTTP HTTP Basic Authentication is not supported for this API. Kindly suggest me how i can call those REST endpoint. Please send me step by steps or any sites.
Use the google-api-client library for Java
Use a service
account to authenticate
Never use your username/password in API calls or code !
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I have an amazon web services MySql database that I want to perform CRUD operations on from an android application. I think that the way to do this is through some HTTP protocol and get and post operations. However, I have access to PHP code that connects to the database and allows me to execute quires. This PHP code is hosted on an elastic beanstalk application. Someone else has used this same code to connect the database to IOS. I am just trying to figure out how it all works.
Is it possible to use the PHP that is hosted to act as an API for me?
--I cant post any links due to security concerns, sorry.--
If you can make a REST call to an HTTP endpoint from your Android device, then yes, the PHP can act as an API.
Consider using the AWS API Gateway as the piece of 'glue' that you are missing, though its not required.
I had some friends help me and what I seem to have on my hands is an API that uses no sort of authentication. It is not restful because no token is returned and it does not implement sessions either. From what I understand, each hosted PHP file can be access via respective HTTP request.
E.J. Brennan proposed adding an instance of AWS API Gateway that I believe to be the next step.