问题
Is below possible using WSO2 IS? I have gone through different WSO2 blogs. They are nice pointer. Still I need to advised on this.
Requirement- WSO2 Identity Server + Rest STS Client (without ESB)
- Users are managed on WSO2 Identity Server.
- STS Client use RestFul API to call WSO2 Identity Server's STS service for a) Get Security Token b)Validate Token c)cancel Issued Token d) renew Issued Token
- Retrieve user profile using a specific Security token.
Reference:
- https://web.cci.emory.edu/confluence/display/EmorySTS/Security+Token+Service+Client+API
- http://blog.facilelogin.com/2011/07/integrating-3-legged-oauth-with-xacml.html
- http://blog.facilelogin.com/2010/05/managing-users-and-roles-with-wso2.html
- http://blog.facilelogin.com/2009/05/security-token-service-with-wso2.html
- http://blog.facilelogin.com/2009/05/accessing-proxy-services-in-wso2-esb.html
- http://download.forgerock.org/downloads/openam/javadocs/9/com/sun/identity/wss/sts/TrustAuthorityClient.html
回答1:
STS which is based on WS-Trust is for SOAP based services. But WSO2 Identity Server also implements another specification called Passive STS - which is wrapper of the WS-Trust functionality. PassiveSTS support in WSO2 Identity Server can be used as way to obtain a token for REST client.
来源:https://stackoverflow.com/questions/7990527/wso2-identity-server-rest-sts-client-without-esb