How to add custom permissions to the current permission tree in WSO2 products.
Method 1.
You can add ap
To do so,
- Go to Management console -> Main -> Service Providers -> Add Enter Service Provider name, then expand role/permission configuration. (https://localhost:9443/carbon)
- As it added you can find a new role. It is created for this service provider.
- Then it will edit the service providers that you created to add Permissions. Go to 'Role/Permission Configuration'.
- Add new Permission for application and click ‘Update’
- To verify the permission is added, go to ‘permission tree’ at Home > Configure > Users and Roles > Roles > Permissions.
Method 2.
You can add new permissions to the existing permission tree through the registry browse in the Management Console.
To do so,
- Go to Main -> Resources -> Browse -> /_system/governance/permission Add Collection, then set the property to the created collection.
- Make sure Name should be a "name" when set the property under the property section.
- Click the add button.
Retrieve assigned permissions of the role
You can use
- Set the <HideAdminServiceWSDLs> element to false in the <PRODUCT_HOME>/repository/conf/carbon.xml file.
- Run the server using this command "sh wso2server
. - When the server is started, hit the enter/return key several times to get the OSGI shell in the console.
- In the OSGI shell, type:
osgi listAdminServices - Use this WSDL for invoking the login method.
http://localhost:9763/services/AuthenticationAdmin?wsdl
- After you invoke the login method you will get a JSESSIONID as a response.
- Then you can invoke the
getRolePermissions method using this JSESSIONID. - For invoking
getRolePermissions methoduse this WSDL.
https://<HOST>: 8243/services/UserAdmin? wsdl
😉 When you invoke these methods from SOAPUI please change the port number to 9443.
