-
1. Re: bpel process and basic authentication
objectiser Oct 12, 2010 4:32 AM (in response to christy)Security is currently only supported when using RiftSaw with Apache CXF.
To see how to configure Riftsaw+cxf, see: http://docs.jboss.org/riftsaw/releases/2.1.0.Final/userguide/html/wsconfig.html#d0e590 and the secure_invoke and secure_service quickstarts.
Regards
Gary
-
2. Re: bpel process and basic authentication
christy Oct 12, 2010 5:43 AM (in response to objectiser)Hi Gary,
thank you very much for your reply. So I understood that basic authentication is not supported? And if I want to secure bpel process or invoke secured web-service from bpel I have to use Ws-security and JBossWS-CXF stack only? Am I right?
Many thanks,
Kristina
-
3. Re: bpel process and basic authentication
objectiser Oct 12, 2010 6:05 AM (in response to christy)Hi Kristina,
Yes that is correct - the problem is that basic authentication, being HTTP based, is outside the scope of the SOAP messages dealt with by the BPEL process. I think ODE has some non-standard support, but we haven't looked to support this at the moment.
If you have a suggestion for how this could be supported, then feel free to raise a feature request and possibly generate some discussion around the subject, to see if a consensus can be reached on how best to support it.
Regards
Gary
-
4. Re: bpel process and basic authentication
acxsjones Jun 6, 2011 9:51 PM (in response to objectiser)Has this been fixed.
I need to talk to services that only have basic auth
And I need to expose BPMN services with basic auth
-
5. Re: bpel process and basic authentication
objectiser Jun 7, 2011 5:28 AM (in response to acxsjones)Hi Scott
Some work has been done on the dynamic web service provider mechanism (thanks to a community contribution) to support basic auth - but has not progressed beyond that currently. As yet no one has raised a feature request for this, so has no priority. Also, as this is non standard, there needs some discussion on how best to support this - we could follow the approach used in ODE (in terms of passing info to/from process) but as it states, their implementation is experimental.
Regards
Gary
-
6. Re: bpel process and basic authentication
acxsjones Jun 7, 2011 8:49 AM (in response to objectiser)I will open a feature request.
At min, we have no control over how the web services that we call are secured. So we have to have a way to use basic authentication when talk to external web services.
-
7. Re: bpel process and basic authentication
acxsjones Jun 7, 2011 9:01 AM (in response to christy)I added a request