I have added a service provider in wso2 and configured Inbound authentication as oauth2 login. Also added users in the user store(ldap). Users are able to login. However I need to restrict the users based on service provider role. Also I added role mapping for internal role to service provider role. Though user is not mapped with service provider role, he is able to login. Please help me in how to restrict the oauth2 user login based on role?
Asked
Active
Viewed 257 times
3
-
how did you solve your problem? Could you implement role-based authorization? – Reza Ameri Jun 30 '16 at 10:06
1 Answers
0
This is not supported with current wso2 IS version. In future this feature will be added to IS. For authentication, it doesn't check the user's permission.SP role is only using for that, a particular user can see only permitted SPs in his Management Console.
-
What version are you talking about? I have this problem in WSO2 IS 3.1.0, is it still unavailable? What should I do for role-based Authorization? – Reza Ameri Jun 30 '16 at 10:04