如何在wso2 api管理器中对最终应用程序用户进行身份验证和授权?
[英]How to authenication and Authorize End application users in wso2 api manager?
问题描述
I wanted to do some POC for wso2 API manager where API Manager will expose login and registration url which will be called by UI layer but wanted to handle end user authorization and authentication in API manager layer and don't want to handle this in database how can I do this i don't to use Identity server also. 
我想为wso2 API管理器做一些POC,其中API管理器将公开将由UI层调用的登录和注册URL,但想在API管理器层中处理最终用户授权和身份验证,并且不想在数据库中处理此问题。我可以这样做吗?我也不要使用身份服务器。
I have gone through password grant_type tutorial and we can use this but how the authorization is going to performed? 我已经完成了密码grant_type教程,我们可以使用它,但是授权将如何执行? Do we need to maintain user details in separate database or in identity server? 我们是否需要在单独的数据库或身份服务器中维护用户详细信息? if yes how this is going to happen. 如果是的话,这将如何发生。
I have gone through below questions but didn't get exact solution, please help me on this. 我经历了以下问题,但未获得确切的解决方案,请对此提供帮助。
authorize user in wso2 api manager 在wso2 api管理器中授权用户
wso2 api manager end-user wso2 API管理器最终用户
Thanks 谢谢
1 个解决方案
解决方案1
0 2018-11-12 10:19:23
how can I do this i don't to use Identity server also
By default you should be using the provided OAuth2 endpoints to authorize the users. 默认情况下,您应该使用提供的OAuth2端点对用户进行授权。 However - the API Manager itselfs doesn't support self-registration and account verification. 但是,API Manager本身不支持自我注册和帐户验证。
I'd suggest to configure a WSO2 Identity Server as an APIM Key manager . 我建议将WSO2身份服务器配置为APIM密钥管理器 。
The WSO2IS has capability for self-registration and account verification . WSO2IS具有自我注册和帐户验证的功能 。
The application or users will authenticate against the WSO2IS and the returned token will be valid for APIM (as the KeyManager shares the database with tokens). 应用程序或用户将根据WSO2IS进行身份验证,并且返回的令牌将对APIM有效(因为KeyManager与令牌共享数据库)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.