directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleksandr Bodriagov (Polystar)" <oleksandr.bodria...@polystar.com>
Subject Apache Fortress REST API
Date Mon, 20 Apr 2015 13:01:32 GMT
Hi,

I have a question concerning Fortress' REST API . The only example I have
found is "EmTest.java" in directory-fortress-enmasse.
Our use case is as follows. We have a few RESTful web services to which we
would like to control access using Fortress + LDAP with users/groups and
our own OAuth2.0 token provider/access control server. Our permissions in
this case would be something like:
  - read data from https://server1.com/whateever
  - modify report at https://server2.com/profile/whatever
  - read report at https://server2.com/profile/whatever
 
So, we have operations {read, modify, delete, Š} and objects
{https://server1.com/whateever, https://server2.com/profile/whatever, Š}.
Our token provider receives a request for the OAuth token that represents
permissions of the requesting user. To answer this question, the token
provider, using a fortress-rest-user account, should authenticate the
requesting user (using this user's username/password) against Fortress and
then get user permissions from Fortress using REST API.
How can it be done? I have found HttpIds.PERM_READ, HttpIds.USER_READ? Am
I on the right track?
AccessMgrRestImpl seems to be doing what we need, but how do corresponding
HTTP requests look like?
I would be really grateful for any help.

Best regards,
Oleksandr



Mime
View raw message