Posts

Showing posts from 2016

Policy add using Rest API in WSO2 EMM

You can add a policy using REST API given in EMM. For the use the dynamic registration client given.
below sample curl command will return client id and secret


curl -k -H "Content-Type: application/json" -X POST -d '{"owner":"admin","clientName":"admin_emm","grantType":"refresh_token password client_credentials","tokenScope":"prod"}' https://localhost:9443/dynamic-client-web/register
This will return a response like below
{"client_secret":"YCnfi_jp9Tso0qyRcbGxaQnYctga","callback_url":null,"client_id":"xJvKvUHNYqfK1MeQ_VybtBfF5MAa","client_name":"admin_admin_emm"}
Use the client id and secret by encoding using base64 to generate access token using below command
curl -k -d "grant_type=password&username=admin&password=admin&scope=default " -H "Authorization: Basic eEp2S3ZVSE5ZcWZLMU1lUV9WeWJ0QmZGNU1BY…

Application Whitelist and Blacklist Feature in WSO2 EMM

Image
It can be white listed and black listed applications in WSO2 EMM 2.1.0 onwards.

What is Application White List?
White listed applications are the only applications that allowed run on device. Any other application which does not appear on the list will not be allowed to run on the device.
What is Application Black List?
Black listed applications are the applications that are not allowed to run on the device.

Application black lists and white lists can be deployed on devices as device policies. Follow the below steps to create black list.

1. Enroll a device on EMM.
2. Create an app restriction policy
  i) Go to the EMM main window by issuing below url to the browser address bar
      https://localhost:9443/emm/
  ii) Click policy add button as shown in below

iii) Choose the platform. ex : I choose android platform.


iv) Click Applications Restrictions profile and click Off toggle button to On the profile



v) Choose black list from select box and add applications as below. Note that to ad…

WSO2 APP Manager(APPM) and WSO2 Enterprise Mobility Manager (EMM) integration

There are two separate cases for APPM and EMM integration

1. APPM and EMM on a single JVM. ex : EMM standalone pack.
2. APPM and EMM on separate JVMs. ex : clustered scenario

For the first case, EMM standalone vanilla pack should work without changing any configuration.

For the second case, There are some configurations which should be done. Follow the below steps to configure APPM and EMM on separate JVMs.

1. If you run APPM and EMM on same machine change the port offset of one pack. Let's change the port offset of APPM pack.

i) Change the port offset of carbon.xml to 10 which is in <APPM_HOME>/repository/conf directory.
ii) Since APPM default authentication mechanism is SAML SSO change the port of IdentityProviderUrl also in app-manager.xml

 ex : Change the port as shown in light green

<SSOConfiguration>

        <!-- URL of the IDP use for SSO -->
        <IdentityProviderUrl>https://localhost:9453/samlsso</IdentityProviderUrl>

        <Configura…

Hide asset types feature in WSO2 App Manager

In WSO2 App Manager 1.2.0 (currently on development) onwards, there is a feature to hide specific app types from publisher and store. There is a configuration in app-manager.xml which located in <APP_Manager_HOME>/repository/conf directory, called EnabledAssetTypeList.

If you want to hide web app and sites, comment the relevant asset types from this configuration as shown in below and restart the server

<EnabledAssetTypeList><!--<Type>webapp</Type>--><Type>mobileapp</Type><!--<Type>site</Type>--></EnabledAssetTypeList>

How to map existing OAuth applications in WSO2 API Manager User Interface

Image
You can create OAuth applications using OAuthAdminService admin service. You can follow the below steps to see how mapping of existing OAuth applications via store UI works.

1. Change the mapExistingAuthApps property value to true in <APIM_HOME>/repository/deployment/server/jaggeryapps/store/site/conf/site.json file.
2. Change the HideAdminServiceWSDLs property to true in <APIM_HOME>/repository/conf/carbon.xml file.
4. Restart API Manager instance so that to take effect the changes in carbon.xml
3. Create a project in SOAPUI with following URL
https://localhost:9443/services/OAuthAdminService?wsdl
4. Get the request window for registerOAuthConsumer operation and make a request as the below picture depicts.

When you make a request, it will create a OAuth application in API Manager.

5. Now go to the my subscription page in store. You can see Provide keys button next to Generate keys button.

 6. Now click the Provide keys button and give the consumer key and secret generated a…