Minimum permission required to view a Service provider application in management console

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Minimum permission required to view a Service provider application in management console

Nilasini Thirunavukkarasu
Hi,

I wanted to know the minimum permission required in order to view a service provider application?

The scenario I tried is

1) Create a service provider travelocity using user1. (It creates an application specific role Application/travelocity)
2) Create another user from user1 let's say the created user is user2.
3) Assigned login permission, Application Management->view permission to  Application/travelocity role and assigned Application/travelocity role to user2. 
4) Logged in as user 2 but couldn't able to view the Service provider travelocity.
5) If I assign Application Management permission to Application/travelocity role only I could able to view the service provider travelocity.

So is there any way that we can allow to only view the service provider but not allow to edit the service provider? If I use point (5) then there is no way for this option.


Any help on this would be highly appreciated.

Thanks,
Nila.
--
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : [hidden email]
Mobile : <a href="tel:+94%2077%20524%201823" value="+94775241823" target="_blank">+94775241823
Web : http://wso2.com/




_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: Minimum permission required to view a Service provider application in management console

Omindu Rathnaweera
There's a limitation managing applications in a fine grained manner from the management console. As per [1] you'll have to give /permission/admin/manage/identity/applicationmgt permission in order to view the menu option in the console, meaning giving only application read permission for a role will not be enough to list/view the applications in management console. However, this limitation is not there for the soap services.

AFAIK this is something we are planning to address in one of the upcoming releases.

On Wed, Dec 6, 2017 at 5:54 PM, Nilasini Thirunavukkarasu <[hidden email]> wrote:
Hi,

I wanted to know the minimum permission required in order to view a service provider application?

The scenario I tried is

1) Create a service provider travelocity using user1. (It creates an application specific role Application/travelocity)
2) Create another user from user1 let's say the created user is user2.
3) Assigned login permission, Application Management->view permission to  Application/travelocity role and assigned Application/travelocity role to user2. 
4) Logged in as user 2 but couldn't able to view the Service provider travelocity.
5) If I assign Application Management permission to Application/travelocity role only I could able to view the service provider travelocity.

So is there any way that we can allow to only view the service provider but not allow to edit the service provider? If I use point (5) then there is no way for this option.


Any help on this would be highly appreciated.

Thanks,
Nila.
--
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : [hidden email]
Mobile : <a href="tel:+94%2077%20524%201823" value="+94775241823" target="_blank">+94775241823
Web : http://wso2.com/




_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--
Omindu Rathnaweera
Senior Software Engineer, WSO2 Inc.
Mobile: +94 771 197 211

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: Minimum permission required to view a Service provider application in management console

Nilasini Thirunavukkarasu
Thank you Omindu for the clarification.

Thanks,
Nila.

On Wed, Dec 6, 2017 at 6:10 PM, Omindu Rathnaweera <[hidden email]> wrote:
There's a limitation managing applications in a fine grained manner from the management console. As per [1] you'll have to give /permission/admin/manage/identity/applicationmgt permission in order to view the menu option in the console, meaning giving only application read permission for a role will not be enough to list/view the applications in management console. However, this limitation is not there for the soap services.

AFAIK this is something we are planning to address in one of the upcoming releases.

On Wed, Dec 6, 2017 at 5:54 PM, Nilasini Thirunavukkarasu <[hidden email]> wrote:
Hi,

I wanted to know the minimum permission required in order to view a service provider application?

The scenario I tried is

1) Create a service provider travelocity using user1. (It creates an application specific role Application/travelocity)
2) Create another user from user1 let's say the created user is user2.
3) Assigned login permission, Application Management->view permission to  Application/travelocity role and assigned Application/travelocity role to user2. 
4) Logged in as user 2 but couldn't able to view the Service provider travelocity.
5) If I assign Application Management permission to Application/travelocity role only I could able to view the service provider travelocity.

So is there any way that we can allow to only view the service provider but not allow to edit the service provider? If I use point (5) then there is no way for this option.


Any help on this would be highly appreciated.

Thanks,
Nila.
--
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : [hidden email]
Mobile : <a href="tel:+94%2077%20524%201823" value="+94775241823" target="_blank">+94775241823
Web : http://wso2.com/




_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--
Omindu Rathnaweera
Senior Software Engineer, WSO2 Inc.
Mobile: <a href="tel:+94%2077%20119%207211" value="+94771197211" target="_blank">+94 771 197 211



--
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : [hidden email]
Mobile : +94775241823
Web : http://wso2.com/




_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev