Question

I'm following this tutorial http://wso2.com/library/articles/2010/10/using-xacml-fine-grained-authorization-wso2-platform/ to protect several web services using WSO2 ESB + IS. I just want a single proxy that calls the Entitlement Mediator to check that a user is authorized to access an endpoint, but I have different kinds of endpoints and I have some problems using the Java client provided in the tutorial. I'm able to call SOAP web services, but it doesn't work with REST web services with different HTTP methods (GET, POST) and a different content type (application/json).

Is there a general solution to call a generic endpoint with the properties required by the ESB?

Thanks


Solution

Let me briefly explain what the Entitlement Mediator does. It extracts some values from the request message, creates the XACML request and sends it to WSO2 IS for a decision.

To create the XACML request, the Entitlement Mediator looks for the following:

User --> By default the user name is retrieved from the message context property called "username". This value is populated into the message context when the user is authenticated to the proxy service using UT/Basic auth, etc.

Resource --> By default the resource is the endpoint service name. This is retrieved from the "To" header in the SOAP message.

Action --> By default the action is "read". If this is a REST request, it would take GET/POST as the action.

The same use case for REST services has been described here.

But you can change the default behavior by implementing a new callback class. The above values are retrieved from the default implementation of the callback class. If you want to retrieve the user name from the user's JSON request, you can even do that by writing a new implementation. Basically you need to write some Java code, create a jar file and put it into the repository/components/lib directory. Please find the default implementation here, which is "UTEntitlementCallbackHandler.java". There are some other implementations as well; please look into the code, it is simple, and you can understand them.
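To make the three extraction rules above concrete, here is an added example (not code from the original answer and not WSO2's own callback handler) that applies the default rules the answer describes to both a SOAP and a REST message, serialises the resulting XACML 2.0 request, and reads the decision back out of a XACML response. The message is modelled as a plain dict standing in for the Synapse message context; the key names ("username", "to", "rest", "path", "method"), the sample messages and the sample response are all constructed for this example, and the attribute identifiers are the standard XACML 1.0 subject-id, resource-id and action-id URNs.

```python
"""Build and interpret XACML requests the way the Entitlement Mediator's
default callback is described as doing it.  Added example; the message
dicts below are a constructed stand-in for the Synapse MessageContext
(assumption: keys 'username', 'to', 'rest', 'path', 'method')."""
import xml.etree.ElementTree as ET

XACML_NS = "urn:oasis:names:tc:xacml:2.0:context:schema:os"
SUBJECT_ID = "urn:oasis:names:tc:xacml:1.0:subject:subject-id"
RESOURCE_ID = "urn:oasis:names:tc:xacml:1.0:resource:resource-id"
ACTION_ID = "urn:oasis:names:tc:xacml:1.0:action:action-id"
XS_STRING = "http://www.w3.org/2001/XMLSchema#string"

# Constructed sample messages: one SOAP call, one JSON REST call.
SOAP_MSG = {"username": "alice", "to": "http://localhost:8280/services/echo"}
REST_MSG = {"username": "bob", "rest": True, "method": "post",
            "path": "/patients/42", "content_type": "application/json"}

# Constructed sample response as the PDP would return it.
SAMPLE_RESPONSE = (
    '<Response xmlns="urn:oasis:names:tc:xacml:2.0:context:schema:os">'
    '<Result ResourceId="/patients/42"><Decision>Permit</Decision>'
    '<Status><StatusCode Value="urn:oasis:names:tc:xacml:1.0:status:ok"/>'
    '</Status></Result></Response>'
)


def extract_attributes(msg):
    """Return (subject, resource, action) using the default rules:
    subject from the 'username' property, resource from the To header
    (SOAP) or the request path (REST), action 'read' (SOAP) or the HTTP
    verb (REST)."""
    username = msg.get("username")
    if not username:
        # No authenticated principal, so no subject can be built: fail closed.
        raise PermissionError("unauthenticated request: no 'username' property")
    if msg.get("rest"):
        # REST: the verb is the action, the path identifies the resource.
        return username, msg["path"], msg["method"].upper()
    # SOAP: the last path segment of the To header is the service name.
    service = msg["to"].rstrip("/").rsplit("/", 1)[-1]
    return username, service, "read"


def build_xacml_request(subject, resource, action):
    """Serialise a XACML 2.0 <Request> carrying the three attributes."""
    ET.register_namespace("", XACML_NS)
    req = ET.Element(f"{{{XACML_NS}}}Request")
    for container, attr_id, value in (
        ("Subject", SUBJECT_ID, subject),
        ("Resource", RESOURCE_ID, resource),
        ("Action", ACTION_ID, action),
    ):
        holder = ET.SubElement(req, f"{{{XACML_NS}}}{container}")
        attribute = ET.SubElement(holder, f"{{{XACML_NS}}}Attribute",
                                  AttributeId=attr_id, DataType=XS_STRING)
        ET.SubElement(attribute, f"{{{XACML_NS}}}AttributeValue").text = value
    ET.SubElement(req, f"{{{XACML_NS}}}Environment")
    return ET.tostring(req, encoding="unicode")


def decision_from_response(xml_text):
    """Return (decision, permitted).  Anything other than an explicit
    Permit, including a missing Decision element, is treated as a reject."""
    root = ET.fromstring(xml_text)
    node = root.find(f".//{{{XACML_NS}}}Decision")
    decision = node.text.strip() if node is not None and node.text else "Indeterminate"
    return decision, decision == "Permit"


if __name__ == "__main__":
    for msg in (SOAP_MSG, REST_MSG):
        print(build_xacml_request(*extract_attributes(msg)))
    print(decision_from_response(SAMPLE_RESPONSE))
```

The REST branch is where the original question's failure sits: with the default rules a JSON POST is authorised on the path and the verb, not on a SOAP service name, so the policy on the IS side has to name the resource and action in those terms. A custom callback class changes only what `extract_attributes` returns; the request shape and the fail-closed handling of non-Permit decisions stay the same.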

Licensed under: CC-BY-SA with attribution