Can I apply security authorization policy based on operations in SwitchYard?
Issue
- Our project exposes a SwitchYard service with several operations. We have set up authorization to be required and is handled at FSW using the login-module.
- We currently do not see any way to set authorization down to the SwitchYard operations. Please advice if this is supported.
- In our SwitchYard project, under
Domain
, we have the security configuration setup with theRoles Allowed
. This setup actually applies theRoles Allowed
at the service level. - For example, in this service, we have 3 operations
a
,b
, andc
, and inRoles Allowed
TEST_ROLE_1
is setup. This means any user withTEST_ROLE_1
is able to access the service, calling the operationsa
,b
, andc
. - Our use case requires that the authorization be configured down to operations, which are in the service that exposes operations
a
,b
, andc
. Operationa
andb
can only be allowed to consumer (user) withTEST_ROLE_1
and operationc
can only be allowed to consumer (user) withTEST_ROLE_2
. - Is there any way I can setup such a configuration?
Environment
- Red Hat JBoss Fuse Service Works (FSW)
- 6.0.x
- 6.2.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.