WSO 2 AM User Management API - wso2

I'm currently building an app that consume data from WSO2AM Restful API. I'm using WSO2AM 2.1.0
From what I see from https://docs.wso2.com/display/AM210/Publisher+APIs, there is no API end point for User Management, and the thing is I need that one.
So after doing some google, I found this https://docs.wso2.com/display/IS530/Managing+Users+and+Roles+with+APIs but in that link it's clearly says that it's for WSO2IS
My questions are:
Is there available user management API for WSO2AM (doesn't matter if it's Restful or SOAP-WSDL)
Is this WSO2IS user management API can be used on the WSO2AM ?
Thank you in advance

All WSO2 products are built on a single platform, therefore components of each product are mixed in other products such as user management component is used by all of the WSO2 products even though it is developed as an identity component. Hence you can use the following steps to access the user management soap service in WSO2 API Manager.
Set the "HideAdminServiceWSDLs" element to "false" in /repository/conf/carbon.xml file.
Restart the API Manager Server.
If you have started the server in default configurations, use the following URL in your browser to see the WSDL of the admin service: https://localhost:9443/services/RemoteUserStoreManagerService?wsdl.

Related

WSO2 EI (ESB) communicate with WSO2 IS

I am new to this software. From what I know, the WSO2 Enterprise Integrator is come with Enterprise Service Bus inside it. But the Identity Server (IS) is not bundled with the EI.
For my current and new project, we going to be used both of it inside the architecture. Please see below diagram for more information.
Part of my project architecture
Based on the diagram, when the user is using the portal to login. The EI is serve as the middle-ware between the portal and the IS to connect to the LDAP.
Looking at the documentation, there is way to connect from IS to the other product but not vice-versa.
My question right here is how to allow the ESB to communicate to the IS and return back the message/request to the Portal.
Thank you.
Yoy did not describe your use case what do you want to achieve so I will assume you want to authenticate the portal user or manage users.
WSO2IS (and effectively any wso2 product) exposes admin services, some are common, some specific to the product. The services require basic authentication.
please see https://medium.com/#maheeka/wso2-admin-services-c61b7d856272
Another service to authenticate a user is a token service with password grant (that may be more appropriate to authenticate users and authorize requested scopes)
Just a note:
If you want to use the whole setup only only to authenticate users, then IMHO you rather may use OAuth or SAML with the IS, not passing passwords in ESB

WSO2 common registry space and multitenancy

I have installed WSO2 Identity server and WSO2 API manager according to documentation of Products Clustering & Deployment Guide "Configuring the Pre-Packaged Identity Server 5.1.0 with API Manager 1.10.0".
According to this configuration WSO2 IS and WSO2 AM use common registry data-source (for governance and configuration).
Later in WSO2 IS I have added additional tenant - for example vu.lt.
And now when I login to WSO2 IS and WSO2 AM management console as super-tenant admin, all works OK.
When I login to WSO2 IS management console as admin of vu.lt tenant - all is OK.
But when I login to WSO2 AM as admin of vu.lt tenant I get a little strange view: the header of page is from Identity Manager, but content is from API manager.
After some tests I found out that css file (main.css) is loaded from governance part of registry .../governance/repository/theme/admin/main.css. It means that main.css is loaded from data-source. The same css is loaded when I login from WSO2 IS. The same happen if install one more server (for example BPS) and configure it to use common registry space.
Maybe this situation is not very bad, but I don't know which consequences can I get later.
So, the question is: could I have common registry space in multi-tenancy environment or I have configured something wrong.
Finally I would like to install WSO2 IS, BPS, AM and DAS with LDAP user store and to use this system for Identity Management purposes in our university. I'm not sure which configuration of registry space should I choose: common governance and different configuration, or maybe common configuration too, like in "Configuring the Pre-Packaged Identity Server 5.1.0 with API Manager 1.10.0"?
Did you try setting the host names?.. Refer to jira [1].
[1]. https://wso2.org/jira/browse/CARBON-6686

Custom Webservice for wso2 identity server

I need to extend org.wso2.carbon.user.mgt.stub.UserAdminStub to contain an additional method which allows me to obtain the AD attributes of other users.
Is it possible to create a custom webservice for Identity Server 4.5. We are not using any other wso2 products. Wso2 IS only will ship with the solution distribution.
Thanks
There is a separate API for user management functions which is called as "RemoteUserStoreManagerService" service. This service exposes all user management function as a web service.... "UserAdmin" is also user management web service that has been implemented specially for WSO2 Carbon UI.
You have methods in the "RemoteUserStoreManagerService" to retrieve AD attributes (user attributes)
Please find the java client from here. There is a readme file also there

Unable to login to WSO AppFactory

WSO2 experts
I downloaded the WSO2 AppFactory, but couldn't login into the web console with admin/admin. Has the default password changed?
Regards,
Terry
Please try with the following credentials
Username:admin#admin.com
password:admin
If you just tried with a downloaded 'binary' set-up of WSO2 App Factory; this will only allow you to log in to the Carbon admin console of the App Factory (If you just clicked on and visited the URL, that was printed on the server console). This Carbon admin console does not have any App Factory specific functionality which you might expect [WSO2 Carbon is the underlying platform which is used by all of the WSO2 products].
Since App Factory runs having few other servers alongside (such as WSO2 AS, WSO2 ELB, Jenkins, Redmine etc) this set up that you are running will not provide the same User interfaces or functionality which you have observed within the setup provided with https://appfactorypreview.wso2.com/samlsso .
I just thought to leave this answer, because; you would get disappointed after spending your time expecting the same Application (User Interfaces) available with the online setup (which I have mentioned with the hyperlink) by running the binary setup(wso2appfactory-1.0.0.zip) that you have downloaded from the WSO2 Web site.

WSO2 and LDAP end point service

I'm currently evaluating WSO2 and if it can fit for my project requirements
I have different mobile applications that will connect to our ESB , all of them will use different LDAP server to authenticate their users against it in order to access the applications, what's the best way to achieve this through WSO2 ESB ,I mean configuring multiple LDAP login services as end point services
I heard terms "user store" and "Identity Server" not sure about them , but I got the feeling that they are used for internal use of WSO2 (Storing users who can access WSO2) not related to what I need
You can use WSO2 Identity server to manage your users. You can use internal (Embedded user store) or External User store such as Active Directory. If you use Identity Server you will be able to inherit its features which you can easily integrate with WSO2 ESB.
These links will be useful for your implementations.
[1] http://wso2.org/project/solutions/identity/3.2.3/docs/user-core/admin_guide.html
[2] http://wso2.org/library/articles/2011/06/securing-web-service-integration