WSO2 Role Based Authentication scenario
Question
this is the the current configuration in my WSO2 IS 5.7.0:
- One tenant (we'll call it Tenant A) with one LDAP user store.
- Two Service Providers in Tenant A (we'll call them X and Y)
What I need to implement is:
- One login page for each Service Provider (so we have 2 different login pages)
- Authentication based on roles (users with role 'foo' can only access X while users with role 'bar' can only access Y. Users with roles 'foo' and 'bar' can have access to both systems.)
Is it possible to implement with WSO2 IS 5.7.0? Which is the right path to follow? I read about Role-Based Adaptive Authentication but it seems suitable for additional authentication steps rather than conditional logins. thanks
1 answers
solution1
2 ACCPTED 2019-06-24 16:45:07
Answering to your first question, you can find necessary steps from [1]. You don't have to recompile anything just changing .jsp pages should be enough.
For your second question both XACML based conditional authentication and Adaptive Authentication [2] should be fine. With Adaptive authentication you have more control over authentication flow and it has been released with IS 5.7.0. XACML based conditional authentication is there since IS 5.3.0 release. Since your requirement is straight forward either approach is ok.
[1] https://docs.wso2.com/display/IS570/Customizing+Login+Pages+for+Service+Providers
[2] https://docs.wso2.com/display/IS570/Configuring+Role-Based+Adaptive+Authentication
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.