1

I am following link https://www.ibm.com/developerworks/websphere/library/techarticles/1505_kumar/1505_kumar.html for SOAP web-service consumer. Same method I am applying for SOAP web-service provider. I want to access username and password in esql to authenticate both consumer and provider. Is there any way to access user name and password of provider from SecurityProfiles Configurable Service in ESQL so it can be validate with Consumer credentials . User Name and Password is plan text .

I have done following things 1. Created Policy 2. Created Bindings 3. Created User ID & security profile

mqsisetdbparms SBBROK -n SecurityID -u sbuser -p sb.123456 mqsicreateconfigurableservice SBBROK -c SecurityProfiles -o WSSecurityProfile -n "propagation,idToPropagateToTransport,transportPropagationConfig" -v "TRUE,STATIC ID,SecurityID"

  1. Configured Bar file & sets(Policy, Binding & security Profile) on SOAPInput node.
  2. Deploy My Flow

After that, I assumed that, on these provider polices,binding, profile. provider can authenticate consumer user name and password.

I am using iib version 10.0.0.15.

Junaid Ahmed
  • 21
  • 7

1 Answers1

1

I'm not sure I fully understood the question.

All I can tell you is the following: The credential provided by the one calling your service will be stored on this location : Properties/IdentitySourcePassword and Properties/IdentitySourceToken right after your input node.

IF not set to static, the SOAP Request you are doing will use the credentials at this location as well. Otherwise, it will use the defined user password in the mqsisetdbparms command.

So you can access the input credentials in your ESQL code like this :

SET callerUser=InputRoot.Properties.IdentitySourceToken;
SET callerPassword=InputRoot.Properties.IdentitySourcePassword;

For the credentials stored via the mqsisetdbparms, I don't know any way to access it and to be honest I don't see the point.

A solution, if you really need this, is to change your static user / password by a dynamic one, and set it directly in your ESQL at these locations with something like this :

SET myUser = 'Username'
SET myPassword = 'Password123'
SET callerUser=InputRoot.Properties.IdentitySourceToken;
SET callerPassword=InputRoot.Properties.IdentitySourcePassword;
##The comparison you want to do here
SET OutputRoot.Properties.IdentitySourcePassword = myPassword 
SET OutputRoot.Properties.IdentitySourceToken= myUser

Of course hardcoding the user / pass is not the right solution, it is just an exemple, but you can easily store it on a database and retrieve if from the ESQL

jdel
  • 546
  • 2
  • 14
  • Thanks for reply , I dont want to user SET myUser = 'Username' & SET myPassword = 'Password123' in my code . is there any mechanism get these user and password from DBparams. – Junaid Ahmed Dec 09 '19 at 05:48
  • Unfortunately I don't know any solution to do it, and I don't think there is. See same question on IBM forums : https://www.ibm.com/mysupport/s/question/0D50z000062kxvkCAA/can-you-retrieve-dbparms-credentials-from-javaesql-in-an-iib-flow?language=en_US – jdel Dec 09 '19 at 07:23