WSO2 IS：如何允许匿名请求OIDC .well-known / openid-configuration

2 回答

• 0

  经过多次试验，可以通过在 /repository/conf/identity/identity.xml中注释.well-know行来提供匿名访问：

  <ResourceAccessControl>
      <Resource context="(.*)/api/identity/user/(.*)" secured="true" http-method="all"/>
      <Resource context="(.*)/api/identity/recovery/(.*)" secured="true" http-method="all"/>
      <!--<Resource context="(.*)/.well-known(.*)" secured="true" http-method="all"/>-->
      <Resource context="(.*)/identity/register(.*)" secured="true" http-method="all">
          <Permissions>/permission/admin/manage/identity/applicationmgt/delete</Permissions>
      </Resource>
      <Resource context="(.*)/identity/connect/register(.*)" secured="true" http-method="all">
          <Permissions>/permission/admin/manage/identity/applicationmgt/create</Permissions>
      </Resource>
      <Resource context="(.*)/oauth2/introspect(.*)" secured="true" http-method="all">
          <Permissions>/permission/admin/manage/identity/applicationmgt/view</Permissions>
      </Resource>
      <Resource context="(.*)/api/identity/entitlement/(.*)" secured="true" http-method="all">
          <Permissions>/permission/admin/manage/identity/pep</Permissions>
      </Resource>
  </ResourceAccessControl>
  

  回复于 2024-05-18T21:28:13+08:00
• 4

  您可以使用类似Apache2 Reverse Proxy to an end-point that requires BasicAuth but want to hide this from user的方式将代理反向代理到该 endpoints ，或者，考虑到数据是相对静态的，您可以只下载数据并从其他地方的未受保护的 endpoints 提供数据 .

  但我想最好找到关闭基本身份验证的配置设置，因为它没有用处 .

  回复于 2024-05-18T21:28:13+08:00