If you are trying to recover applications created by one user then we
have a quick hack. We discussed how we can solve for APIM 1.9.0 and later versions in this(http://sanjeewamalalgoda.blogspot.com/2016/06/how-to-recover-application-if.html) post.
Now lets see how we can do same for APIM 1.8.0 as well.
Please note that this is a hack and not a formal solution, We are providing above workaround believing you are having issues accessing applications where application owner has left the organization.
Now lets see how we can do same for APIM 1.8.0 as well.
- You need to create an user with application subscriber role using the Management Console or use an existing user which has application subscriber permissions.
- Below SQL statements needs to be run against the WSO2AM_DB
- Identify SUBSCRIBER_ID and USER_ID of both users (User who left the organization and the user that we are going to transfer application ownership) from AM_SUBSCRIBER table (eg: SELECT * FROM AM_SUBSCRIBER).
- Identify the application that needs ownership transferring from the AM_APPLICATION table
(eg: SELECT * FROM AM_APPLICATION)
- Update the identified application's SUBSCRIBER_ID with the newly created user's SUBSCRIBER_ID from AM_APPLICATION table.
(eg: UPDATE AM_APPLICATION SET SUBSCRIBER_ID=2 WHERE APPLICATION_ID=2)
- Update SUBSCRIBER_ID to new user's SUBSCRIBER_ID from the
AM_APPLICATION_REGISTRATION (You need to identify entries that needs to
be updated based on old user's SUBSCRIBER_ID)
(eg: UPDATE AM_APPLICATION_REGISTRATION SET SUBSCRIBER_ID =2 WHERE REG_ID =1)
- Update AUTHZ_USER with the newly created user's USER_ID from
IDN_OAUTH2_ACCESS_TOKEN table (You need to identify entries that needs
to be updated based on old user's USER_ID)
(eg: UPDATE IDN_OAUTH2_ACCESS_TOKEN SET AUTHZ_USER ='user2' WHERE ACCESS_TOKEN ='IhnmguiHsiDCFJFFwQugWZmUfdsa')
- Update USERNAME with newly created user's USER_ID from
IDN_OAUTH_CONSUMER_APPS table (You need to identify entries that needs
to be updated based on old user's USER_ID/USERNAME)
(eg: UPDATE IDN_OAUTH_CONSUMER_APPS SET USERNAME='user2' WHERE CONSUMER_KEY='MjTy3lFFcy2FSdkjZnPBxjQwIGoa')
Please note that this is a hack and not a formal solution, We are providing above workaround believing you are having issues accessing applications where application owner has left the organization.
No comments:
Post a Comment