This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Demonstrating Web Application Resources Authorization - Notifi App
Introduction
In WSO2 App Manager, you can restrict different user roles from accessing specific Web app components. You can do this using the role-based Web application resource authorization feature of the App Manager when publishing a Web app. For more information on role-based resource authorization, see Web Application Resource Authorization.
This sample demonstrates how to restrict access to the admin panel of a Web app only to admin users based on the user role, so that member users will only be able to access the member panel.
Prerequisites
- Download WSO2 AppM, and start the server.
- Start the Web server (e.g. Apache with PHP or XAMPP).
Building the sample
Follow the steps below to host the Notifi app in the Web server.
- Download the Notifi Web app.
- Copy the notifi/ directory to the <DOCUMENT_ROOT> directory, to host the files in the Web server.
- Access the Notifi Web app in your Web browser using the following URL: http://<IP_ADDRESS>:8080/notifi/
Executing the sample
Follow the steps below to execute the sample.
Creating a user role
Follow the steps below to create a user role for members of the Notifi Web app.
- Log in to the management console ( https://<hostname>:9443/carbon ) of the App Manager using admin/admin credentials.
- Click Configure, and then click Users and Roles.
- Click Roles, and then click Add New Role. For more instructions on creating a user role in WSO2 App Manager, see Configuring Roles.
- Select PRIMARY for Domain, and enter the Role Name as member as shown below.
- Click Next.
- Select login for Select Permissions as shown below.
- Click Finish.
Creating a user
Follow the steps below to create a user for members of the Notifi Web app.
- Log in to the management console ( https://<hostname>:9443/carbon ) of the App Manager using admin/admin credentials.
- Click Configure, and then click Users and Roles.
- Click Users, and then click Add New User.
- Enter details as shown below to create a user named member. For instructions on creating a user in WSO2 App Manager, see Configuring Users.
- Click Next.
- Select member for Users of Role as shown below.
- Click Finish.
Creating the Web app
Follow the steps below to create a new Web app in App Publisher to publish the Notifi app.
hiddenRoles property in the <AppM_HOME>/repository/deployment/server/jaggeryapps/publisher/config/publisher.json file, to enable the admin role for resource policies.
Completing the Overview section
Follow the steps below to complete the first step of creating a new Web app.
- Log in to the App Publisher of WSO2 App Manager using the following URL: http://<IP_ADDRESS>:9763/publisher
- Click Add New Web Application, to add the Notifi Web app using the App Publisher.
- Enter the details in the Overview section as shown below. For Web App URL, enter the URL by which you access the Web app directly from your Web browser. For instructions on the Overview section of adding a Web app, see Step 1 - Overview.
Completing the Policies section
Follow the steps below to complete the second step of creating a new Web app. For instructions on the Policies section of adding a Web app, see Step 2 - Policies.
- Click Global Policies.
- Select Enable Single Logout, and enter the URL of the front page of the Notifi Web app as shown below (e.g. http://10.100.4.102/notifi/).
- Click Resource Policies, and then click Add New Resource Policy.
- Enter Admin Policy for Resource policy name, and admin for Accessible User Roles as shown below.
- Click Save & Close.
- Click Add New Resource Policy.
- Enter Member Policy for Resource policy name, and member for Accessible User Roles as shown below.
- Click Save & Close.
- Click Add New Resource Policy.
- Enter Anonymous Policy for Resource policy name, and select True for Allow Anonymous Access as shown below.
- Click Save & Close.
Completing the Web Application Resources section
Follow the steps below to complete the third step of creating a new Web app to configure role-based Web application resource authorization for it. For instructions on the Web Application Resources section of adding a Web app, see Step 3 - Web Application Resources.
- Enter admin/* for the URL Pattern, and select GET and POST for the HTTP Verb as shown below.
- Click Add Resource.
- Enter member/* for the URL Pattern, and select GET and POST for the HTTP Verb as shown below.
- Click Add Resource.
- Enter index.php for the URL Pattern, and select GET for the HTTP Verb as shown below.
- Click Add Resource.
- Enter assert/* for the URL Pattern, and select GET for the HTTP Verb as shown below.
- Select Resource Policy for the added Web application resources as shown below.
- Click Create.
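The policies and resources entered above can be written down as a table and turned into an expected allow/deny matrix for later verification. This is an added example, not part of the original page and not App Manager's own matching logic: the policy attached to each resource, the glob-style matching, the default deny for unmatched requests and the probe file names are all assumptions.

```python
from fnmatch import fnmatchcase

# Policies from the Policies section: name -> allowed roles (None = anonymous access).
POLICIES = {
    "Admin Policy": {"admin"},
    "Member Policy": {"member"},
    "Anonymous Policy": None,
}

# Resources from the Web Application Resources section: (URL pattern, verbs, policy).
# ASSUMPTION: the policy attached to each resource; the page shows it only in a screenshot.
RESOURCES = [
    ("admin/*", {"GET", "POST"}, "Admin Policy"),
    ("member/*", {"GET", "POST"}, "Member Policy"),
    ("index.php", {"GET"}, "Anonymous Policy"),
    ("assert/*", {"GET"}, "Anonymous Policy"),
]


def decide(path, verb, roles=()):
    """Return (allowed, reason) for a path relative to the app context."""
    for pattern, verbs, policy in RESOURCES:
        if verb in verbs and fnmatchcase(path, pattern):
            allowed = POLICIES[policy]
            if allowed is None or allowed & set(roles):
                return True, policy
            return False, f"role not in {policy}"
    # ASSUMPTION: anything without a matching pattern and verb is denied.
    return False, "no matching resource"


# Constructed probes; the file names are placeholders, not files of the Notifi app.
PROBES = [
    ("admin/send.php", "POST", ("admin",)),
    ("admin/send.php", "POST", ("member",)),
    ("member/inbox.php", "GET", ("member",)),
    ("index.php", "GET", ()),
    ("index.php", "POST", ()),
    ("admin/send.php", "DELETE", ("admin",)),
    ("config.php", "GET", ("admin",)),
]


def access_matrix(probes=PROBES):
    """Expected allow/deny decision for each probe, in order."""
    return [(path, verb, roles, *decide(path, verb, roles)) for path, verb, roles in probes]


if __name__ == "__main__":
    for row in access_matrix():
        print(row)
```

After publishing, the matrix serves as the list of expected results when requesting the same paths through the Gateway Endpoint URL as each user.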
Publishing the Web app
Follow the steps below to publish the Web app in the App Publisher. For more instructions on publishing a Web app, see Publishing Web Applications.
- In the All Web Applications list, click the Submit for Review button corresponding to the app.
- Click Approve.
- Click Publish.
Subscribing to the Web app
Follow the steps below to subscribe to the Web app. For instructions on subscribing to a Web app, see Subscribing to Applications.
- Log in to the App Store of WSO2 App Manager using the following URL: http://<IP_ADDRESS>:9763/store
- Click on the image of the Web app.
- Click Subscribe Me.
- Click the Gateway Endpoint URL of the Web app as shown below.
- Log in to the admin panel of the Notifi Web app using admin/admin credentials.
- Enter a message in the space provided to send to the member users as shown below.
- Click Send.
- Log in to the member panel as the member user you created.
You see the message received from admin as shown below.
You will not be able to log in to the admin panel using the member user you created. This is because the Web app is configured to restrict access to the admin panel to admin users only, through the user role-based Web application resource authorization.