Demonstrating Web Application Resources Authorization - Notifi App

Introduction

In WSO2 App Manager, you can restrict different user roles from accessing specific Web app components. You can do this using the role-based Web application resource authorization feature of the App Manager when publishing a Web app. For more information on role-based resource authorization, see Web Application Resource Authorization. 

This sample demonstrates how to restrict access to the admin panel of a Web app only to admin users based on the user role, so that member users will only be able to access the member panel.

Prerequisites

• Download WSO2 AppM, and start the server. 

• Start the Web server (e.g. Apache with PHP or XAMPP)

Building the sample

Follow the steps below to host the Notifi app in the Web server.

1. Download the Notifi Web app.
2. Copy the notifi/ directory to <DOCUMENT_ROOT> directory, to host the file in the Web server.
3. Access the Notifi Web app in your Web browser using the following URL: http://<IP_ADDRESS>:8080/notifi/

Executing the sample

Follow the steps below to execute the sample.

Creating a user role

Follow the steps below to create a user role for members of the Notifi Web app.

1. Log in to the management console ( https://<hostname>:9443/carbon ) of the App Manager using admin/admin credentials.

2. Click Configure, and then click Users and Roles.

3. Click Roles, and then click Add New Role.

   For more instructions on creating a user role in WSO2 App Manager, see Configuring Roles. 

4. Select PRIMARY for Domain, and enter the Role Name as member as shown below.

   

5. Click Next.

6. Select login for Select Permissions as shown below.

   

7. Click Finish.

Creating a user

Follow the steps below to create a a user for members of the Notifi Web app.

1. Log in to the management console ( https://<hostname>:9443/carbon ) of the App Manager using admin/admin credentials.

2. Click Configure, and then click Users and Roles.

3. Click Users, and then click Add New User.

4. Enter details as shown below to create a user named member. 

   For instructions on creating a user in WSO2 App Manager, see Configuring Users.

   

5. Click Next.

6. Select member for Users of Role as shown below.

   

7. Click Finish.

Creating the Web app

Follow the steps below to create a new Web app in App Publisher to publish the Notifi app.

Completing the Overview section

Follow the steps below to complete the first step of creating a new Web app.

1. Log in to the App Publisher of WSO2 App Manager using the following URL: http://<IP_ADDRESS>:9763/publisher

2. Click Add New Web Application, to add the Notifi Web app using the App Publisher. 

3. Enter the details in the Overview section as shown below. 

   Enter the URL of the Web app by which you access it directly from your Web browser for Web App URL. For instructions on the Overview section of adding a Web app, see Step 1 - Overview. 

   

Completing the Policies section

Follow the steps below to complete the second step of creating a new Web app. For instructions on the Policies section of adding a Web app, see Step 2 - Policies.

1. Click Global Policies.
2. Select Enable Single Logout, and enter the URL of the front page of the Notifi Web app as shown below (E.g. http://10.100.4.102/notifi/).
   
3. Click Resource Policies, and then click Add New Resource Policy.
4. Enter Admin Policy for Resource policy name, and admin for Accessible User Roles as shown below. 
   
5. Click Save & Close.
6. Click Add New Resource Policy.
7. Enter Member Policy for Resource policy name, and member for Accessible User Roles as shown below. 
   
   
8. Click Save & Close.
9. Click Add New Resource Policy.
10. Enter Anonymous Policy for Resource policy name, and select True for Allow Anonymous Access as shown below.
    
    
11. Click Save & Close.
    

Completing the Web Application Resources section

Follow the steps below to complete the third step of creating a new Web app to configure role-based Web application resource authorization for it. For instructions on the Web Application Resources section of adding a Web app, see Step 3 - Web Application Resources.

1. Enter admin/* for the URL Pattern, and select GET and POST for the HTTP Verb as shown below.
   
   
2. Click Add Resource.
3. Enter member/* for the URL Pattern, and select GET and POST for the HTTP Verb as shown below. 
   
4. Click Add Resource.
5. Enter index.php for the URL Pattern, and select GET for the HTTP Verb as shown below. 
   
   
6. Click Add Resource.
7. Enter assert/* for the URL Pattern, and select GET for the HTTP Verb as shown below.
   
8. Select Resource Policy for the added Web application resources as shown below.
   
9. Click Create.

Publishing the Web app

Follow the steps below to publish the Web app in the App Publisher. For more instructions on publishing a Web app, see Publishing Web Applications.

1. In the All Web Applications list, click Submit for Review button corresponding to the app.
2. Click Approve.

3. Click Publish.

Subscribing to the Web app

Follow the steps below to subscribe to the Web app. For instructions on subscribing to a Web app, see Subscribing to Applications.

1. Log in to the App Store of WSO2 App Manager using the following URL: http://<IP_ADDRESS>:9763/store
2. Click on the image of the Web app.
3. Click Subscribe Me.
4. Click the Gateway Endpoint URL of the Web app as shown below.
   
5. Log in to the admin panel of the Notifi Web app using admin/admin credentials.
6. Enter a message in the space provided to send to the member users as shown below.
   
7. Click Send.
8. Log in to the member panel as the member user you created.

9. You see the message received from admin as shown below.

   

   You will not be able to log in to the admin panel using the member user you created. This is because the Web app is configured to restrict access on admin panel only to admin users through the user role-based Web application resource authorization.