[Apiman-user] Authorization policy with Web Service
Charles Moulliard
cmoullia at redhat.com
Tue Jan 26 01:07:31 EST 2016
Hi,
Could it be possible to use the existing authorization policy to handle WebService where according to the SOAPAction we have to authorize the call to a method or do we have to create a new authorization policy ?
As a WebService is not managed as RESTfull service where the HTTP Operation (= verb) can be used to determine if we will create, read or update something and restrict access for a user based on a role (writer, reader or admin), I try to figure out how we could achieve that authorization (= role based) based on the SOAPAction for webservice without creating a different WebService with only one operation/method to handle the actions to create/delete/read/update ...
Regards,
Charles
More information about the Apiman-user
mailing list