Posted to dev@stratos.apache.org by Udara Liyanage <ud...@wso2.com> on 2014/12/02 08:51:21 UTC
How to call an admin service from Stratos web app API
Hi,
I am trying to invoke the OAuthAdminService admin service, which is in the
same Stratos server. When I tried executing the service via the stub, it
throws an unauthorized error.
According to the docs, the AuthenticationAdmin admin service should be called
first to get a session cookie. However, it requires a username/password to
call the AuthenticationAdmin service.
My concern is, since the API invoker is already authenticated
in StratosAuthenticationHandler, shouldn't he be able to invoke the admin
service without re-authenticating?
I investigated further how StratosAuthenticationHandler handles the
authentication. It calls the authenticate() of the userStoreManager, which
does not return a session from the Carbon level.
    if (certObject != null || userRealm.getUserStoreManager().authenticate(username, password)) { // if authenticated

        // setting the correct tenant info for downstream code..
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantDomain(tenantDomain);
        carbonContext.setTenantId(tenantId);
        carbonContext.setUsername(username);
        // populate the securityContext of authenticated user
        SecurityContext securityContext = new StratosSecurityContext(username);
        message.put(SecurityContext.class, securityContext);

        // set the authenticated flag and let the request to continue
        AuthenticationContext.setAuthenticated(true);
        if (log.isDebugEnabled()) {
            log.debug("Authenticated using the " + CookieBasedAuthenticationHandler.class.getName() + "for username :" +
                    username + "tenantDomain : " + tenantDomain + " tenantId : " + tenantId);
        }
        return null;
[1] https://docs.wso2.com/display/SS110/Calling+Admin+Service+from+Apps
--
Udara Liyanage
Software Engineer
WSO2, Inc.: http://wso2.com
lean. enterprise. middleware
web: http://udaraliyanage.wordpress.com
phone: +94 71 443 6897
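
The documented flow the post refers to (log in through AuthenticationAdmin, then reuse the session cookie on the OAuthAdminService stub), sketched as an added example that is not part of the original message or the Stratos code base. The endpoint URL, the environment variable names and the class name are assumptions; the server certificate is assumed to be in the JVM trust store so TLS verification stays enabled.

```java
import org.apache.axis2.client.Options;
import org.apache.axis2.context.ServiceContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.wso2.carbon.authenticator.stub.AuthenticationAdminStub;
import org.wso2.carbon.identity.oauth.stub.OAuthAdminServiceStub;
import org.wso2.carbon.identity.oauth.stub.dto.OAuthConsumerAppDTO;

public class AdminServiceSessionExample {

    // Assumed default Carbon management endpoint; adjust host and port.
    private static final String SERVICES_URL = "https://localhost:9443/services/";

    /** Logs in through AuthenticationAdmin and returns the Carbon session cookie. */
    static String login(AuthenticationAdminStub auth, String user, String password) throws Exception {
        // Keep the session on this stub too, so logout() ends the same session.
        auth._getServiceClient().getOptions().setManageSession(true);
        if (!auth.login(user, password, "localhost")) {
            throw new SecurityException("AuthenticationAdmin rejected the login for " + user);
        }
        ServiceContext ctx = auth._getServiceClient().getLastOperationContext().getServiceContext();
        return (String) ctx.getProperty(HTTPConstants.COOKIE_STRING);
    }

    /** Attaches an existing session cookie to any other admin service stub. */
    static void attachSession(Options options, String sessionCookie) {
        options.setManageSession(true);
        options.setProperty(HTTPConstants.COOKIE_STRING, sessionCookie);
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical variable names: credentials come from the environment, not from source code.
        String user = System.getenv("CARBON_USER");
        String password = System.getenv("CARBON_PASSWORD");

        AuthenticationAdminStub auth = new AuthenticationAdminStub(SERVICES_URL + "AuthenticationAdmin");
        String cookie = login(auth, user, password);
        try {
            OAuthAdminServiceStub oauth = new OAuthAdminServiceStub(SERVICES_URL + "OAuthAdminService");
            attachSession(oauth._getServiceClient().getOptions(), cookie);
            // Without the cookie this call fails as unauthorized, as described in the post.
            OAuthConsumerAppDTO[] apps = oauth.getAllOAuthApplicationData();
            System.out.println("OAuth applications visible: " + (apps == null ? 0 : apps.length));
        } finally {
            auth.logout(); // invalidate the admin session instead of leaving it to time out
        }
    }
}
```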