The Entitlement Servlet Filter checks the authorization of requests coming to a web app. This guide tells you how to add it to an existing web app of yours. You can read more about the Entitlement Servlet Filter here.
The steps to add the Entitlement Servlet Filter to your web app:
- Add one of the J2EE authentication mechanisms to the web app. (The Entitlement Filter currently supports Basic Auth only.) To do this, add the following to the web.xml of your web app.
```xml
<security-constraint>
    <display-name>Example Security Constraint</display-name>
    <web-resource-collection>
        <web-resource-name>Protected Area</web-resource-name>
        <!-- Protected URL -->
        <url-pattern>/protected.jsp</url-pattern>
        <!-- If you list http methods, only those methods are protected -->
        <http-method>DELETE</http-method>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
    </web-resource-collection>
    <auth-constraint>
        <!-- Anyone with one of the listed roles may access this area -->
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>

<!-- Login configuration: BASIC authentication is used here.
     form-login-config only applies when auth-method is FORM. -->
<login-config>
    <auth-method>BASIC</auth-method>
    <!--<auth-method>FORM</auth-method>-->
    <realm-name>Example Form-Based Authentication Area</realm-name>
    <form-login-config>
        <form-login-page>/protected.jsp</form-login-page>
    </form-login-config>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
    <role-name>everyone</role-name>
</security-role>
<security-role>
    <role-name>admin</role-name>
</security-role>
```
- Engage the Entitlement Servlet Filter. To do this, add the following to the web.xml of your web app.
```xml
<!-- Filter mappings used to configure URLs that need to be authorized -->
<filter-mapping>
    <filter-name>EntitlementFilter</filter-name>
    <url-pattern>/protected.jsp</url-pattern>
</filter-mapping>
```
- Provide the necessary parameters to the Entitlement Servlet Filter. To do this, add the following to the web.xml of your web app.
```xml
<!-- The scope in which the subject would be available.
     Legal values are basicAuth, request-param, request-attribute, session -->
<context-param>
    <param-name>subjectScope</param-name>
    <param-value>basicAuth</param-value>
</context-param>
<!-- The name of the identifier by which to identify the subject -->
<context-param>
    <param-name>subjectAttributeName</param-name>
    <param-value>username</param-value>
</context-param>
<!-- The username used to perform the EntitlementService query (sample value) -->
<context-param>
    <param-name>userName</param-name>
    <param-value>admin</param-value>
</context-param>
<!-- The password used to perform the EntitlementService query (sample value) -->
<context-param>
    <param-name>password</param-name>
    <param-value>admin</param-value>
</context-param>
<!-- The URL used to perform the EntitlementService query -->
<context-param>
    <param-name>remoteServiceUrl</param-name>
    <param-value>https://localhost:9443/services/</param-value>
</context-param>

<!-- EntitlementFilter settings -->
<filter>
    <filter-name>EntitlementFilter</filter-name>
    <filter-class>org.wso2.carbon.identity.entitlement.filter.EntitlementFilter</filter-class>
    <!-- Client class that extends AbstractEntitlementServiceClient.
         Legal values are basicAuth, soap and thrift. Default is 'thrift'. -->
    <init-param>
        <param-name>client</param-name>
        <param-value>basicAuth</param-value>
    </init-param>
    <!-- Decision caching at PEPProxy. Legal values are simple and carbon. -->
    <init-param>
        <param-name>cacheType</param-name>
        <param-value>simple</param-value>
    </init-param>
    <!-- Maximum number of cached entries. Legal values are between 0 and 10000 -->
    <init-param>
        <param-name>maxCacheEntries</param-name>
        <param-value>1000</param-value>
    </init-param>
    <!-- Time interval for which a cached entry is valid. -->
    <init-param>
        <param-name>invalidationInterval</param-name>
        <param-value>100000</param-value>
    </init-param>
    <!-- URL to redirect to if authorization fails -->
    <init-param>
        <param-name>authRedirectUrl</param-name>
        <param-value>/index.jsp</param-value>
    </init-param>
    <!-- This will be used if the transport type is thrift. -->
    <init-param>
        <param-name>thriftHost</param-name>
        <param-value>localhost</param-value>
    </init-param>
    <!-- This will be used if the transport type is thrift. -->
    <init-param>
        <param-name>thriftPort</param-name>
        <param-value>10500</param-value>
    </init-param>
</filter>
```
After following these steps, your web app is secured with the Entitlement Filter. You can find a sample project here.
Also make sure that you put org.wso2.carbon.identity.entitlement.filter_4.0.2.jar, org.wso2.carbon.identity.entitlement.proxy_4.0.2 and org.wso2.carbon.identity.entitlement.stub_4.0.0.jar on your Java classpath. The links for those jars are here. You can also build those jars from these sources:
https://svn.wso2.org/repos/wso2/carbon/platform/trunk/service-stubs/org.wso2.carbon.identity.entitlement.stub/
https://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/identity/org.wso2.carbon.identity.entitlement.proxy/
https://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/identity/org.wso2.carbon.identity.entitlement.filter/
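
A quick consistency check for the three web.xml steps above, as an added example that is not part of the original post or of WSO2's code. The helper name `audit_web_xml`, the sample document and the rule that every URL in a security constraint should also be mapped to the filter are assumptions made for this example; URL patterns are compared by exact string match only.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed web.xml using the parameter names from this guide.
SAMPLE_WEB_XML = """<web-app>
  <context-param><param-name>subjectScope</param-name><param-value>basicAuth</param-value></context-param>
  <context-param><param-name>userName</param-name><param-value>admin</param-value></context-param>
  <context-param><param-name>password</param-name><param-value>admin</param-value></context-param>
  <context-param><param-name>remoteServiceUrl</param-name><param-value>https://localhost:9443/services/</param-value></context-param>
  <filter><filter-name>EntitlementFilter</filter-name>
    <filter-class>org.wso2.carbon.identity.entitlement.filter.EntitlementFilter</filter-class></filter>
  <filter-mapping><filter-name>EntitlementFilter</filter-name><url-pattern>/protected.jsp</url-pattern></filter-mapping>
  <security-constraint><web-resource-collection>
    <url-pattern>/protected.jsp</url-pattern><url-pattern>/admin.jsp</url-pattern>
    <http-method>GET</http-method><http-method>POST</http-method>
  </web-resource-collection></security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
</web-app>"""

FILTER_CLASS = "org.wso2.carbon.identity.entitlement.filter.EntitlementFilter"

def audit_web_xml(xml_text):
    """Added example helper (not WSO2 code): list findings for a web.xml."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                      # drop any xmlns prefix from tags
        el.tag = el.tag.rsplit("}", 1)[-1]
    text = lambda el, tag: (el.findtext(tag) or "").strip()
    params = {text(p, "param-name"): text(p, "param-value")
              for p in root.iter("context-param")}
    names = {text(f, "filter-name") for f in root.iter("filter")
             if text(f, "filter-class") == FILTER_CLASS}
    if not names:
        return ["EntitlementFilter is not declared"]
    mapped = {(u.text or "").strip() for m in root.iter("filter-mapping")
              if text(m, "filter-name") in names for u in m.iter("url-pattern")}
    findings = []
    for sc in root.iter("security-constraint"):
        for u in sc.iter("url-pattern"):
            if (u.text or "").strip() not in mapped:   # exact-match comparison only
                findings.append(f"{u.text.strip()}: authenticated but not mapped to the filter")
        if sc.find(".//http-method") is not None:
            findings.append("http-method listed: unlisted methods are not protected")
    if (params.get("subjectScope") == "basicAuth"
            and root.findtext(".//auth-method", "").strip() != "BASIC"):
        findings.append("subjectScope is basicAuth but auth-method is not BASIC")
    if (params.get("userName"), params.get("password")) == ("admin", "admin"):
        findings.append("userName/password still use the sample admin/admin values")
    if not params.get("remoteServiceUrl", "").startswith("https://"):
        findings.append("remoteServiceUrl is not https")
    return findings
```

On the constructed sample this reports the unmapped `/admin.jsp`, the method-restricted constraint and the sample credentials.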