0

in fact i have read this article: http://wso2.com/library/articles/2013/11/fine-grained-xacml-authoriation-with-pip-points/

it was really interesting for me. it matches very well what i want to do. i've tried to do the same thing but using wso2am 1.7.0 API Manager. But while i'm trying to retrieve the policies navigating in the carbon UI

home->PAP->PolicyAdministration

i got the following exception The following error details are available. Please refer logs for more details.

org.apache.axis2.AxisFault: Exception occurred while trying to invoke service method getAllPolicies
at org.wso2.carbon.identity.entitlement.ui.client.EntitlementPolicyAdminServiceClient.handleException(EntitlementPolicyAdminServiceClient.java:478)
at org.wso2.carbon.identity.entitlement.ui.client.EntitlementPolicyAdminServiceClient.getAllPolicies(EntitlementPolicyAdminServiceClient.java:81)
at org.apache.jsp.entitlement.index_jsp._jspService(org.apache.jsp.entitlement.index_jsp:183)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111)

Can anyone help me answering these questions? IS it possible to do the same thing with WSO2 AM? Do you have idea to solve this issue?

Thanks.

Community
  • 1
  • 1
imed
  • 3
  • 1

1 Answers1

0

Yes.. you can do it with APIM, but you need to install the XACML feature in to the Identity Server. According to the your comment, It seems to be that you have already installed the XACML feature in APIM. Because if not, you can not see the PAP->Policy Administration UI. But there can be some version mismatch when installing the feature.. Because APIM and WSO2IS may not have released in same version of the org.wso2.carbon.identity.entitlement.stub. However same type of SO question can be found from here. I have given some solution for it. You can try it as well. But if you are looking for proper deployment, I suggest to use Identity Server as separate PDP engine rather than installing PDP feature in the APIM. You can find about more details from here as well

Community
  • 1
  • 1
Asela
  • 5,781
  • 1
  • 15
  • 23
  • Hi Asela, thx for your response. I've already test the first link you mentionned when i tried to do the same thing as here: http://wso2.com/library/articles/2014/02/use-of-wso2-api-manager-to-validate-fine-grained-policy-decisions-using-xacml/ and it was really helpfull but now i'm trying to do the same but with the PIP policy to add dynamic value with a web service – imed Feb 13 '15 at 11:09
  • Another question, I'm using wso2 am without installing the wso2IS am i supposed to do that? Becuse even the xacml i installed it in the api manager not the identity server – imed Feb 13 '15 at 11:16
  • Yes.. it is fine.. but in Identity Server, XACML features are installed by default... – Asela Feb 13 '15 at 13:33
  • SO if i don't have to install the IdentityServer. How can i do that or how can i fix my issue do you have any idea. because i still have the same pronle i can't access the PAP Administration to do my policy. – imed Feb 13 '15 at 14:44
  • In APIM can u let me know the what is versions of "org.wso2.carbon.identity.entitlement" jar file. just search for name in plugins directory – Asela Feb 13 '15 at 16:01
  • in repository/components/plugins i have th following jars: org.wso2.carbon.identity.entitlement_4.2.2.jar org.wso2.carbon.identity.entitlement.common_4.2.1.jar org.wso2.carbon.identity.entitlement.mediator_4.2.2.jar org.wso2.carbon.identity.entitlement.proxy_4.2.1.jar org.wso2.carbon.identity.entitlement.stub_4.2.1.jar org.wso2.carbon.identity.entitlement.ui_4.2.2.jar and i've deleted this one: org.wso2.carbon.identity.entitlement.stub_4.2.0.jar_back – imed Feb 13 '15 at 16:07
  • yes.. then it is fine.. then it must work as you have done as in other SO answer... not sure why it is working.. so best thing is to try out your use case in WSO2IS... later you can try to fix this... normally feature installation much work.. if versions are property match... not sure sometime due to some bug – Asela Feb 13 '15 at 17:31