-
1. Re: Regarding JBPM and WS-security
aguizar Jun 30, 2006 2:08 PM (in response to saleemk)jBPM BPEL uses the standard JSR-109 server deployment model to expose web services, so that you can port it to other app servers and use the same mechanism you'd use to secure "normal" web services.
However, the JWSDP deployment model does not adhere to JSR-109. I am positive it is possible to introduce the BPEL port provider handler to the handler chain of a JWSDP deployment, which is where the BPEL process behavior is "injected". I am not familiar with the details, tough. I only use wscompile :) -
2. Re: Regarding JBPM and WS-security
aguizar Jun 30, 2006 2:10 PM (in response to saleemk)The WSEE configuration for the port provider handler I referenced in my previous post appears in the web services deployment descriptor section of the jBPM BPEL tutorial. That might be a good starting point.
-
3. Re: Regarding JBPM and WS-security
qwerty50989 Aug 9, 2006 12:00 PM (in response to saleemk)I agree, it is possible to extract WS Security header from incoming messages by replacing the PortHandler with my custom one, but how can I add authentication to outgoing messages?
Here is your code (PortCaller.java):197 // retain only parts specified by soap:body keeping the parameter order 198 parameterOrder = new ArrayList(parameterOrder); 199 parameterOrder.retainAll(partNames);
So I found no ability to add any soap header to outgoing message, and no ability to add Authorization http header. Does the jbpm-bpel support multiple users at all? Does it plan to? -
4. Re: Regarding JBPM and WS-security
meghanai_99 Mar 6, 2007 7:52 PM (in response to saleemk)Has anyone implemented this successfully? Are there new developments around ws-security support since then?
Thank you,
Meghana -
5. Re: Regarding JBPM and WS-security
meghanai_99 Mar 7, 2007 3:36 PM (in response to saleemk)As I am starting to read on ws-security support in JBossWS 1.2 [I am using trunk I downloaded few days ago] I came accross 2 user guides. One is for JAX-WS http://jbws.dyndns.org/mediawiki/index.php/JAX-WS_User_Guide#Top_Down_.28Java_to_WSDL.29
and the other one is for JAX-RPC
http://jbws.dyndns.org/mediawiki/index.php/JAX-RPC_User_Guide#WS-BPEL
From the documentation it is clear that I need to read JAX-RPC since BPEL is based on that. But out of curiosity, what is the difference between the two? RPC style is supported in both then why there are 2 styles of exposing webservices? Why BPEL is based on one style and not the other?
Is there any documentation about JBPM-BPEL that talks about all these internals? it's architecture etc?
Thank you,
Meghana -
6. Re: Regarding JBPM and WS-security
meghanai_99 Mar 7, 2007 4:09 PM (in response to saleemk)I know the answers now. I asked the question too soon :p
-
7. Re: Regarding JBPM and WS-security
aguizar Mar 7, 2007 6:36 PM (in response to saleemk)Care to share your findings with everyone? :-)
-
8. Re: Regarding JBPM and WS-security
meghanai_99 Mar 7, 2007 8:03 PM (in response to saleemk)From the JAX-WS user guide -
JAX-WS brings to web services what EJB3 brings to EJB. With its greatly simplified programming model and functional enhancements it is desigend to take the place of previous JAX-RPC web service implementations.
and I assume JBPM-BPEL will be ported to this new implementation eventually [That will be great. Lot less config files. I saw only web.xml which is required].
The reason why it is on JAX-RPC is because JAX-WS is new. It is introduced in JBossWS 1.2
Please correct if my assumptions are wrong.
Thanks,
Meghana