WSO2 IS Request XACML with Access Token - Error 403 Forbidden

Following this article, I created my XACML request and was successful: https://docs.wso2.com/display/IS560/Using+REST+APIs+via+XACML+to+Manage+Entitlement

And I saw in this last question that it is possible to use an access token to make the request: WSO2is XACML API

My question is whether it is possible to use an access token to make this request, because when I use basic authentication the request succeeds, but when I use an access token I get 403 Forbidden.

If it is possible to use an access token to make this request, what can I do to solve the 403 problem?

Yes, you can use an access token to authorize the request. If you navigate to the <PRODUCT_HOME>/repository/conf/identity/identity.xml file, you can find content as follows.

<Resource context="(.*)/api/identity/entitlement/(.*)" secured="true" http-method="all">
            <Permissions>/permission/admin/manage/identity/pep</Permissions>
            <Scopes>internal_manage_pep</Scopes>
</Resource>

This config is related to how each /entitlement endpoint is secured. Find more details at https://is.docs.wso2.com/en/latest/develop/authenticating-and-authorizing-rest-apis/#secure-resources

If you use an access token it should be generated with the mentioned scopes. If the access token doesn't have the required scope you will receive 403 Forbidden. In order to make a POST request to https://localhost:9443/api/identity/entitlement/decision/pdp you should use an access token generated with the internal_manage_pep scope.
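
Added example (not part of the original answer and not WSO2 code): a simplified Python model of the scope check described above, useful for seeing why a given token would get 403 before calling the PDP endpoint. The function names, the single-method and whitespace-separated-scope handling, and the sample scope strings are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

# The <Resource> entry quoted in the answer (from identity.xml).
RESOURCE_XML = """
<Resource context="(.*)/api/identity/entitlement/(.*)" secured="true" http-method="all">
    <Permissions>/permission/admin/manage/identity/pep</Permissions>
    <Scopes>internal_manage_pep</Scopes>
</Resource>
"""

PDP_PATH = "/api/identity/entitlement/decision/pdp"


def load_rule(xml_text):
    """Parse one <Resource> element into a small rule dict."""
    el = ET.fromstring(xml_text)
    return {
        "context": re.compile(el.get("context")),
        "secured": el.get("secured", "true").lower() == "true",
        # Assumption: http-method is "all" or a single method name.
        "method": el.get("http-method", "all").lower(),
        # Assumption: several scopes would be whitespace-separated.
        "scopes": set((el.findtext("Scopes") or "").split()),
    }


def missing_scopes(rule, method, path, token_scope):
    """Scopes the rule requires that the token lacks.

    token_scope is the space-separated "scope" value returned with the token.
    Returns None when the rule does not cover the request, [] when the scope
    requirement is met, and a non-empty list when a 403 is to be expected.
    """
    if not rule["context"].fullmatch(path):
        return None
    if rule["method"] not in ("all", method.lower()):
        return None
    if not rule["secured"]:
        return []
    return sorted(rule["scopes"] - set(token_scope.split()))


if __name__ == "__main__":
    rule = load_rule(RESOURCE_XML)
    # Constructed scope strings, as they might appear in a token response.
    for scope in ("openid", "openid internal_manage_pep"):
        print(scope, "->", missing_scopes(rule, "POST", PDP_PATH, scope))
```

Compare the "scope" field of your own token response against the output: a token issued without internal_manage_pep is reported as missing that scope, which corresponds to the 403 in the question.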
