Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
See what Drew Clarke has to say about the Qlik Talend Cloud launch! READ THE BLOG
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Dizzfire
Contributor III
Contributor III
‎2015-10-08 11:50 AM

How?? TAC - Authorization for Rest Web Service (Individual Ressource)

Hi,
I would like to know "how i can used Authorization module in TAC on my Rest WebService?".
I created a WebService Rest and I deployed. It's run fine.
However, I would like to used Authorization module on this Rest WebService in order to define user/password for my WebService.
I tried with two ways:
1 - I declared my WebService Rest as Individual Ressource with Matching EQUAL. For my Ressource, I put complete url of my Web Service. I affected this ressource for a user defined in Syncope.
However, I can always call my WebService without authentification.
2 - I declared my WebService Rest as Individual Ressource with matching REGEX.
However, the result is the same that the operation 1. I called my WebService without authentification.
When I implement individual ressource in Authorzation module in TAC, is it necessary to re-deploy my WebService? or not?
When I used Authorization module in TAC, What is the type of authentification used? Basic, Digest, OAuth1.0, OAuth2.0?
Thank you
0683p000009MB6O.png
Labels (3)
Labels
143 Views
0 Likes
5 Replies
Anonymous
Not applicable
‎2015-10-09 03:39 AM

Hi,
Talend ESB WebService authorization is based on XACML policy which can be generated from TAC UI like what you already did, and SAML token authentication should be used together with authorization. so you have to start STS service, PDP service in the Runtime container before you deploy your WS. (tesb:start-sts,  tesb:start-authz-pdp), be default STS service is also using the user/passwd which defined in the Syncope to do the validation.
Regards.
143 Views
0 Likes
Dizzfire
Contributor III
Contributor III
‎2015-10-09 04:12 AM
Author

Hi,
Thank you for your answer.
I already activated PDP and STS service in Kraf Runtime (Before to deployed my Job).
However, I don't activated "Authentification" on my tRestRequest in my Job.

So, if I had understand, I have to:
1] - Activated my PDP & STS service in Karaf Runtime.
2] - In my Job, I activate "Authentification" SAML or Basic Http ?
3] - I deploy my Job in Karaf Runtime
4] - After, I can defined a policy in TAC UI in Authorization Module.
Could you confirm me these steps?
Thank you
Anthony
0683p000009MBqt.png 0683p000009MBmt.png
143 Views
0 Likes
Anonymous
Not applicable
‎2015-10-09 08:00 AM

Hi,
The step 4 should be done at the beginning, at least before step 3.
In step 2, you should select SAML authentication, and authorization.
Regards.
143 Views
0 Likes
Dizzfire
Contributor III
Contributor III
‎2015-10-09 12:00 PM
Author

Hi,
If I use SAML TOKEN, I have to "install" token authentification or not?
Because I deployed a new Job and I activated SAML TOKEN with authorization.
When I called my Job with my User/Password, I got an error message 401 Unauthorized.
So I check my User and Password are valid.
Do you have necessary to call my WebService with specific parameter or header parameter in order to defined SAML authentification? User and Password only are not enough.
Do you know the specific parameter with SAML TOKEN?
Thank you
143 Views
0 Likes
Anonymous
Not applicable
‎2015-10-09 11:11 PM

Hi,
So now your Rest WS with SAML + authorization is activated. For invoke it from client side, there are several ways:
1) using tRESTClient component + SAML authen, input user/passwd.
2) configure STSClient using java code or spring/bluepring, please reference examples/talend/authorization/syncope-esb-xacml-rest
3) invoke Rest WS from SoapUI, with provided SAML token as header
Regards.
143 Views
0 Likes