0

I am trying to access secured web services through WSO2 ESB.

I receive a request from a web service, use sequence, apply XSLT mediator, construct the request as needed to hit the endpoint. I can do this successfully by creating a request for unsecured endpoints.

How do I construct requests when the endpoints are secured using various security polices (Eg: X509 user name token, etc)

Thanks.

Community
  • 1
  • 1
Abdul
  • 694
  • 4
  • 14
  • 29

1 Answers1

1

Have a look at this sample. You need to secure the outgoing request message at the end point level. Please have a look at here[1].

[1] http://wso2.org/project/esb/java/4.0.3/docs/samples/qos_mediation_samples.html#Sample100

Amila Suriarachchi
  • 1,228
  • 7
  • 5
  • Great help. What I get looking at the example is that WSO2 ESB internally uses Apache Rampart to construct & sends SOAP request for end points which can be either Message Level Secured or Transport Level Secured or both ? Am I right ? – Abdul Jul 12 '12 at 11:45
  • Amila, going by the example you suggested, I could successfully execute the policy and Password callback file. I do this in a Sequence. The example uses Java Client and set's serviceClient.engageModule("rampart"), this would I believe add the soap security header to the message. But how to I do it using the sequence ? I don't have a java client, its XSLT mediator which is constructing the request. I get following error org.apache.axis2.AxisFault: Missing wsse:Security header in request. When I see SOAP msg there is no header added. Plz guide. – Abdul Aug 10 '12 at 09:33
  • I gave the detailed solution for invoking a https user name token service on my blog. http://briskwalk.wordpress.com/2012/08/31/invoking-secured-web-service-through-wso2-esb/ – Abdul Mar 06 '13 at 06:12
  • @Abdul I want to just use secure endpoints and I don't wanna check username, I just want to invoke a secure DataService endpoint from wso2 ESB. – Reza Ameri Jun 03 '13 at 07:36
  • @RezaAmeri: Why would you want to do that ? Can you throw more light your use case ? – Abdul Jun 03 '13 at 15:44
  • @Abdul I explained the details [here](http://stackoverflow.com/questions/16892419/invoking-dataservice-from-wso2-esb-with-secure-port) hope it is useful. – Reza Ameri Jun 06 '13 at 19:06