Does WSO2 ESB support web services for system management?
I want to develop a desktop program to connect to ESB server and do the administration tasks without using web application.
There is already existing services in side the ESB which is also used by the admin GUI.
Step 1: Make admin services WSDL visible by editing carbon XML ({ESB_HOME}/repository/conf/carbon.xml)
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
Step 2: See which services available for you to use by starting ESB with osgiConsole
sh {ESB_HOME}/bin/wso2server.sh -DosgiConsole
Step 3: See the list of services ( you can type this in ESB command window, just type enter you will get osgi command mode )
osgi> listAdminServices
you can see sample java client login to ESB and listing user roles in below link, just refer this for your service implementation. Basically first need to login to ESB before calling any admin service and use login cookie to call other services on next step.
http://blog.facilelogin.com/2011/03/invoking-wso2-carbon-admin-services.html
Related
I'm trying to customize the login pages for the dev portal and publisher and I'm referring to the below documentation.
https://apim.docs.wso2.com/en/latest/reference/customize-product/customizations/customizing-login-pages-for-dev-portal-and-publisher/
The 1st step tells to download the Identity Server and in the 2nd step, it says to start up the server using api-manager.sh which could be a mistake.
However, I have the following questions related to the scenario.
In order to customize the login pages in APIM, should I start up the IS as a key manager as well?
Can't we customize the login pages just by using the JSP files readily available in the authentication endpoint in APIM?
I guess the documentation should be updated. You can use the existing jsp files in the authentication endpoint if you use OAuth2/OpenID. If you are using SAML, then you have to use WSO2 IS as the IDP with WSO2 API Manager.
Some samples can be found in [1].
By default API Manager uses OAuth2/OpenID. You can do the service provider configurations in API Manager. OAuth2/OpenID and SAML use the jsp files used in the authentication endpoint.
[1] - https://github.com/wso2/samples-is/tree/master/re-branding-the-default-login-page
I have tried searching for samples in implementing authentication using WSO2 Identity Server for web API calls residing in other servers but cant seem to find one. I can only find authentications on WSO2 IS API calls. Can you refer some links for examples or tutorials
You can get all the admin APIs using following way.
Start the server using -DosgiConsole flag, i.e. ./wso2server.sh -DosgiConsole or ./wso2server.bat -DosgiConosle
Then after the server start you will get the osgi console. Enter listAdminServices and you will get the list. ex:
osgi> listAdminServices
Admin services deployed on this server:
1. ProvisioningAdminService, ProvisioningAdminService, https://10.150.3.140:9443/services/ProvisioningAdminService/
All the commands such as listAdminServices are listed by typing help from the osgi console.
By default, these admin APIs are hides, you have to enable them. To do that, change <ESB_HOME>/repository/conf/carbon.xml file.
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
Note: All servers expose Web Service APIs which can be used for to gain access to back end functionality.
You can list down all the Admin Services used by WSO2 carbon based products using following steps.
Start the server with OSGI console. Go to the <SERVER_HOME>/bin
using command shell.
i) Eg : Linux
sh wso2server.sh -DosgiConsole
ii) Windows
wso2server.bat -DosgiConsole
After successfully started the server, press enter.
Type listAdminServices and press enter.
Now you should be able to see the list of Admin Service names with endpoint URLS.
Thanks & Regards,
Ajith
You have provided the question and answer both :) However I just like to add more in to this;
If you want to retrieve the WSDLs of admin services of WSO2 Identity Server; Go to CARBON_HOME/repository/conf directory and change the value of the HideAdminServiceWSDLs in carbon.xml file like below and restart the server.
<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
to
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
Then you can retrieve the WSDLs by browsing the service by adding "?wsdl" option.
For example, if you can find entitlement service
https://{Hostname}:{port}/services/EntitlementService?wsdl
WSO2 Identity Server : I am new to WSO2 Identity Server. Could somebody help to get list of REST call and soap call supported by WSO2 Identity Server
This blog post has an example of using WSO2-IS APIs.
Take a look at the answer to the following question also. WSO2 identity server api
WSO2 products are manage internally SOAP web services known as admin services. The admin service wsdl as bellow.
https://localhost:9443/services/UserAdmin?wsdl
Note: you cannot view the wsdl of admin service by default due to security reason. Configure the following steps to enable and invoke the admin service wsdl.
Set the <HideAdminServiceWSDLs> element to false in <IS_HOME>/repository/conf/carbon.xml file.
<HideAdminServiceWSDLs>false</HideAdminServiceWSDL>
Restart the server.
Also you can use OSGi console to get the list of SOAP Services exposed in Identity Server and view the available service components details. To enable osgi console doing following steps.
Get osgi console by executing the following command.
<IS_Home>/bin/wso2server.bat –DosgiConsole
After successfully started the server press ‘Enter’ key and osgi>console will be displayed.
To get all admin services that are deployed on this server.
osgi> listAdminServices
List down all hidden services that are deployed on this server.
osgi>listHiddenServices
All services expose Web Service APIs which can be used for to gain access to back end functionality.
I have written my web services using apache axis2. Now I want to make my web services secure to avoid unauthorized access.
Is there any way in apache axis by which we can redirect each web service request to a particular web service ? so that it will do authentication and on successful authentication it will forward the request to respective web service.
Thanks,
Ajinkya.
you can use Apache Rampart[1] for this. Instead of redirecting to another web service you can use UT (user name token) to authenticate the uses. Using WS-Security is the correct way to secure a web service. This[2] would help you.
If you interested WSO2 AS[3] provides a integrated environment for web service deployment and add security using its GUI. Further since it is based on WSO2 carbon platform you can integrate your user store with WSO2 AS and then authentication is provided out of the box.
[1] http://axis.apache.org/axis2/java/rampart/
[2] http://wso2.org/library/240
[3] http://wso2.org/library/application-server