Configuration Assist #71
Comments
Hi, Having multiple resource servers is exactly what Apis is all about. Does this help you? Kind regards, On 3 February 2015 at 15:42, kumaranilgupta [email protected]
|
Hi Gvanderploeg, Thanks for the reply. From Apis, whenever we request from the URL below.. Hint: http://localhost:8180/v1/api/course So after I added a new resource server, when I try to fetch some details from my JSON I get the following error in the console:

```
10:54:27.061 [qtp954934397-21] WARN o.s.oaaas.resource.VerifyResource - For access token d7c5074d-2f7f-44eb-9aad-7a777b4685d8: Resource server not found for credentials UserPassCredentials [university-foo]. Responding with 401 in VerifyResource#verifyToken.
```

My new resource server details are key: 21989681-a91b-4c07-b228-04c8628aa57a and I want to add a new JSON file university-foo.json. So if Apis can serve many resource servers to its connected clients, then why have you added resource server details in university-foo-local.yml? Thanks |
Hi, I think I need to clarify some more. Of course you could configure 2 example resource servers side by side, but that means you have to really separate them: each has its own JVM, configuration file, its own http port to listen on, just like real applications would have. Maybe it would help if you sketch your business problem? What is your intention for using Apis? Kind regards, |
Hi Geert, I have 5 APIs and I want to secure them using OAuth2 and So for my API, do I need to have 5 more modules for my 5 APIs like you have in APIS On Wed, Feb 4, 2015 at 1:39 PM, Geert van der Ploeg <
Regards |
Hi Geert, I have 5 open APIs and I want to secure them using OAuth2 and So for my API, do I need to have 5 JSONs and 5 configuration files? Please guide me. Do I need to have 5 more modules for my 5 APIs like you have in APIS ...(apis-example-resource-server)? If so, then probably I will have 5 jars containing 5 yml and 5 JSON files. Am I correct on this, or do I need another approach? |
Alright, 5 APIs you want to secure. Of course, you could use example-resource-server as a starting point for implementing your actual resource server, but I do not recommend that. As I said before, the example-resource-server is just a showcase for the OAuth process, and not a particularly solid base for an application with 5 APIs. |
Hi Geert, as of now my 5 APIs are separate, each in a separate project, and in future a client can be from Android, iOS or Windows. As you said, the example-resource-server is just a showcase for the OAuth process. Probably what I would do is: the existing example has 3 steps, so I will customize it at step 1, where after a normal authentication from the DB I will redirect to a page at http://localhost:8084/test (test I will replace) and then ask the user to provide key and secret. The 2nd and 3rd steps I will hide, as you have done to show the process, and after key and secret I will display my 5 APIs, where if a user is authorized to access those APIs then he is able to access them, like the university JSON example, or else if he is not authorized then we will receive an error. Let me know your suggestions for implementing this. I just saw that every client belongs to only one resource server, which is a big issue for me. At any cost I need to have a client with access to multiple resource servers. Please guide me on how a client can have access to multiple resource servers. Thanks |
You are correct in that there is a one-to-many relation between resource servers and clients (and also between clients and access tokens, effectively restricting each token to one resource server only). By the way: I have my doubts about this. The relation between a resource server and a client is typically a long-lived one, for which developers probably write some code, think about scoping, define configuration (endpoint URL as a minimum), test thoroughly... To have to configure separate credentials for each resource server doesn't seem like a burden for a client developer to me. I think that this could get hairy very quickly... The spec, RFC 6749, says: " |
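Added example (not part of the thread, and not code from the Apis project): a simplified Python model of the relation described in the comment above, where each client is registered under one resource server and a token is therefore only accepted when that resource server verifies it. The registry contents, the secrets, the `university-bar` server and the `verify_token` helper are constructed for illustration; treating an unknown key and a wrong secret the same way is an assumption modelled on the `Resource server not found for credentials` warning quoted earlier in the thread.

```python
import hmac
from dataclasses import dataclass, field


@dataclass
class ResourceServer:
    key: str
    secret: str
    client_ids: set = field(default_factory=set)  # clients registered under this server


# Constructed sample data: key and client names reuse the thread's examples,
# the secrets and the second server are placeholders.
RESOURCE_SERVERS = {
    "university-foo": ResourceServer("university-foo", "secret-foo", {"it-test-client"}),
    "university-bar": ResourceServer("university-bar", "secret-bar", {"bar-client"}),
}
ACCESS_TOKENS = {"token-foo-1": "it-test-client", "token-bar-1": "bar-client"}  # token -> client


def verify_token(rs_key, rs_secret, access_token):
    """Model of the verify call a resource server makes; returns (allowed, detail)."""
    rs = RESOURCE_SERVERS.get(rs_key)
    # Unknown key or wrong secret: the caller is not a registered resource server.
    # Assumption: both cases are reported alike (the 401 warning seen in the thread).
    if rs is None or not hmac.compare_digest(rs.secret.encode(), rs_secret.encode()):
        return (False, "resource_server_not_found")
    client_id = ACCESS_TOKENS.get(access_token)
    if client_id is None:
        return (False, "token_not_found")
    # One-to-many relation: the token's client must belong to the calling server,
    # so a token issued for university-foo is useless at university-bar.
    if client_id not in rs.client_ids:
        return (False, "token_not_valid_for_this_resource_server")
    return (True, client_id)


if __name__ == "__main__":
    print(verify_token("university-foo", "secret-foo", "token-foo-1"))
    print(verify_token("university-new", "secret-new", "token-foo-1"))
    print(verify_token("university-bar", "secret-bar", "token-foo-1"))
```
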
Hi, Please find my reply in followed by **** By the way: I have my doubts about this. The relation between a resource yes you are right I need a client *client_application_xyz to have access to We can't have 5 login details for 5 APIs, we need one gateway to authenticate for all the APIs and a token will be generated depending on user accessibility for their corresponding authorized API. The spec, RFC 6749, says: "A single authorization server may issue access Yes this is what I am in need of.* Thanking you a lot :) On Thu, Feb 5, 2015 at 7:49 PM, Geert van der Ploeg <
Regards |
Please format your replies using Markdown. "blue text" won't display when messaging via GitHub... You say:
Are you sure about the OAuth concepts here? A Access restriction using scopes (read/write vs. only read) is a multi-level thing: a Please think this through before trying to implement the feature you think you need. Hope this helps. |
Hi, Thanks for clarifying the OAuth concepts. Yes, Client is an application that requests resources that are owned Let me elaborate more about my requirement: I have 5 applications,
I will have a single login page for all the above applications and all the So I will have a client application where a end user will validate and Flow Client Application = A user USER_VISITOR request a access for IT Again if a user as user_admin tries to access then he should have the I mean USER_VISITOR is a end user. There will be an application from where a client_user will be validated, so relation here is. A end user user_admin can have a access to multiple resource server
Centre Support 3) Application for Marketing 4) Application for outside user if an end user is from marketing then he can have access to only 2 So an end user can be associated with many resource servers, which is one to many. In existing apis surf oauth we have multiple user(it test client I am treating all this as user(it test client Treating http://localhost:8084/test as a Treating resource servers as and admin activities on So my question is how can I give access to an end user(it test client Please give me some solution to my problem. Let me know if I am wrong on the oauth apis architecture, with your suggestions. Thanking you a lot On Thu, Feb 5, 2015 at 10:02 PM, Geert van der Ploeg <
Regards |
You talk about 5 applications, which are the resource servers. That's fine. |
Hi, Well, at present my 5 applications are open and not secured, So I have If you think OAuth is not the right solution then how do I secure my 5 thanks On Mon, Feb 9, 2015 at 9:01 PM, Geert van der Ploeg <
Regards |
Hi, Well, at present my 5 applications are open and not secured, So I have If you think OAuth is not the right solution then how do I secure my 5 And also let me know if I want to test the following client IDs then how can I Client ID: it-test-client-grant Secret: somesecret-grant Secret: somesecret2 Client ID: it-test-client Secret: somesecret How can I test the above clients in the application, do I have to test using curl thanks On Wed, Feb 11, 2015 at 1:58 PM, anil gupta [email protected]
Regards |
Here lies the problem with trying to solve this with OAuth, for the following reasons:
|
Hi, I am getting the following error when I try to run this command: `curl -i -v -H "Authorization: bearer 00-11-22-33" http://localhost:8082` I am getting the error below. org.codehaus.jackson.map.JsonMappingException: Unexpected token Please suggest. It is failing to execute this line verifyTokenResponse = On Thu, Feb 12, 2015 at 3:46 PM, Geert van der Ploeg <
Regards |
Hi,
Please guide me: if I want to add multiple resource servers, where do I need to make changes?
And also, how do I add multiple resource servers in the yml file?
authorizationServerUrl: http://localhost:8080/v1/tokeninfo
secret: 58b749f7-acb3-44b7-a38c-53d5ad740cf6 (Can I append to it with a comma for other resource servers?)
key: university-foo
And do I also need to add different JSON files for each new resource server? Please guide me ...
I will appreciate your support.
Thanks