2 Replies Latest reply on Jun 9, 2008 2:36 PM by gia giavelli

    struggling to integrate strong security in ESB

    gia giavelli Newbie


      Jboss ESB currently does not have a very strong security model. We are trying to integrate some strong security which will work with a BPM orchestration including

      SSL
      signed headers
      SAML assertions
      encryption
      a federation of SAML assertion validator services/identity mgmt

      However, since the security must be tied to both endpoints to be secure, it means that when the BPM processor runs and it calls a web service endpoint, it itself must be using and supporting ws-se security and the above.

      Is there an injection point to intercept and perform security with jboss ESB. Will it work with BPEL orchestration. Is there a way to set up SSL calls with signed headers. whats the best way to do secure encryption support for xml message bodies.

      a handful of questions I worry the answer is "not until next release" but if people have any specifics or ideas I would welcome them. Thanks!