<p>After doing some research, I found some potential solutions and would like to share them with you.</p>
<p>Problem 1: Unable to apply security policies at a granular level.</p>
<p>Solution:</p>
<p>I was able to apply security policies at</p>
<p>1.) root level</p>
<p>2.) operation level and</p>
<p>3.) message level</p>
<p>using <strong><em>operationName</em></strong> &amp; <strong><em>operationNamespace</em></strong></p>
<pre><code>&lt;proxy name="StockQuoteProxy" transports="https http" startOnLoad="true" trace="disable"&gt;
    &lt;target endpoint="SimpleStockQuoteService_noSuspendOnFailure_TCPMon"&gt;
        &lt;inSequence&gt;
            &lt;header xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
                    name="wsse:Security" action="remove"/&gt;
        &lt;/inSequence&gt;
        &lt;outSequence&gt;
            &lt;send/&gt;
        &lt;/outSequence&gt;
    &lt;/target&gt;
    &lt;publishWSDL uri="file:repository/samples/resources/proxy/sample_proxy_3.wsdl"/&gt;
    &lt;!-- Default policy for all operations --&gt;
    &lt;policy key="sec_SigOnly"/&gt;
    &lt;!-- Policy for the getFullQuote operation, in and out messages --&gt;
    &lt;policy key="SigEncrSTS" operationName="getFullQuote" operationNamespace="http://services.samples"/&gt;
    &lt;!-- Policy for the getQuote operation, in message only --&gt;
    &lt;policy key="sec_InOut-Policy" operationName="getQuote" operationNamespace="http://services.samples" type="in"/&gt;
    &lt;enableSec/&gt;
&lt;/proxy&gt;
</code></pre>
<p>Problem 2: When a proxy service is deployed, the published WSDL is automatically generated and we have limited/no control to customize it.</p>
<p>Solution: Using the property <strong><em>useOriginalwsdl</em></strong>, I was able to publish the original supplied WSDL with only the IP/port changed to the proxy IP/port.</p>
<pre><code>&lt;proxy name="STSProxy" transports="https http" startOnLoad="true" trace="disable"&gt;
    &lt;target endpoint="PingSTS_UT"&gt;
        &lt;inSequence&gt;
            &lt;property name="preserveProcessedHeaders" value="true" scope="default"/&gt;
            &lt;log level="full"/&gt;
        &lt;/inSequence&gt;
        &lt;outSequence&gt;
            &lt;send/&gt;
        &lt;/outSequence&gt;
    &lt;/target&gt;
    &lt;publishWSDL key="wsdl_sts"/&gt;
    &lt;parameter name="useOriginalwsdl"&gt;true&lt;/parameter&gt;
&lt;/proxy&gt;
</code></pre>
<p>I wish WSO2 supported applying both of those solutions at the same time, i.e., being able to control how the published WSDL is generated and apply security policies at a granular level.</p>
<p>PS: When security policies are applied by directly editing in Source View, the UI still shows <strong>Unsecured</strong>. It will only show <strong>Secured</strong> when built-in security policies are applied through the Web UI or the policy name matches one of the built-in policies.</p>
 
