
WSO2 APIM Authentication

  1. I have a requirement to authenticate a user who wants to access an API with his credentials (un/pwd) with basic authentication or digest auth.
  2. Also pass the required credentials (un/pwd) in the request to authenticate the access to the backend service.

My synapse extracted config looks like this:

<filter source="$ctx:AM_KEY_TYPE" regex="PRODUCTION">
    <then>
        <property name="api.ut.backendRequestTime"
                  expression="get-property('SYSTEM_TIME')"/>
        <property name="password"
                  expression="wso2:vault-lookup('PayAdmin--    ZenoAPI51.0')"/>
        <property name="unpw"
                  expression="fn:concat('user',':',get-property('password'))"/>
        <property name="Authorization"
                  expression="fn:concat('Basic ', base64Encode(get-property('unpw')))"
                  scope="transport"/>
        <send>
            <endpoint name="PayAdmin--ZenoAPI5_APIproductionEndpoint_0">
                <http uri-template="http://localhost:8080/payment/{uri.var.name}"/>
            </endpoint>
        </send>
    </then>

What I want to know is:

curl -X POST --header "Content-Type: application/json" --header "Accept: application/json" --header "Authorization: Bearer 2e13c9b3c8717f43d093cfc7c63994bb" -d "{}" http://<IP address of APIM Server>:8280/Zeno1/1.0.0/payment/name

This curl can only take a bearer token, but how do I pass the user/pwd for the API and the user/pwd for the backend in the curl?

Regarding your second question: For Basic Authentication towards the backend you can configure a general password in the Publisher in step Implement -> Show More Options -> Endpoint Security Scheme: set it to Secured and provide credentials (see: https://docs.wso2.com/display/AM1100/Basic+Auth).

If user-specific credentials have to be provided, the user should set the "Authentication: Basic base64(username:password)" in the HTTP header; the header will get passed to the backend.

curl -X POST --header "Content-Type: application/json" --header "Accept: application/json" --header "Authorization: Basic [base64encode(username:password)]" -d "{}" http://<IP address of APIM Server>:8280/Zeno1/1.0.0/payment/name

Replace [base64encode(username:password)] with the base64-encoded string of "username:password".
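
Building the header value described in the answer above, as an added example that is not part of the original post: the function names are hypothetical and the credentials (user / secret) are constructed sample values. It also decodes the token again, which shows that Base64 is an encoding and the credential is only as private as the connection that carries it.

```shell
# Added example: build and inspect an HTTP Basic credential (RFC 7617).
# Function names are hypothetical; "user" / "secret" are constructed values.

# Print the Basic credential token for a username and password.
basic_token() {
    local user="$1" pass="$2"
    # The user-id must not contain ':' because the first colon separates
    # it from the password when the receiver decodes the value.
    case "$user" in
        *:*) echo "username must not contain ':'" >&2; return 1 ;;
    esac
    # printf, not echo: echo appends a newline that would be encoded too.
    # tr removes the line wrapping some base64 tools add to long output.
    printf '%s:%s' "$user" "$pass" | base64 | tr -d '\n'
}

# Print the complete header line, usable as: curl --header "$(basic_header u p)"
basic_header() {
    local token
    token=$(basic_token "$1" "$2") || return 1
    printf 'Authorization: Basic %s' "$token"
}

# Decode a token back to user:password. No key or secret is needed.
decode_basic_token() {
    printf '%s' "$1" | base64 -d
}

# Demo with the constructed credentials.
hdr=$(basic_header user secret)
echo "$hdr"
decode_basic_token "${hdr##* }"; echo
```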
