2 Replies Latest reply on Sep 9, 2011 7:41 AM by Magesh Bojan

    WS-Security Proxy creation

    Asankha Perera Newbie

      If I understand correctly, the quickstart "webservice_proxy_security" shows how a SOAP service already secured with WS-Security could be accessed through the ESB by a client that sends a compatible WS-Security request. But if this is correct, the ESB merely forwards a WS-secured request to a locally hosted SOAP service and returns the response.

       

      What is interesting is how the ESB can secure a SOAP service (which is not already protected by WS-Security). Is this possible with the JBoss ESB? Any links pointing to a sample or documentation is appreciated

        • 1. Re: WS-Security Proxy creation
          Asankha Perera Newbie

          After a few days of efort and searching into the source code as well, I assume JBoss ESB does not support its use as a WS-Security gateway.

           

          If someone more knowledgable about this topic can just say "no its supported" I'll keep looking... But I assume my assumption is correct as no one replied to my question as well..

          • 2. Re: WS-Security Proxy creation
            Magesh Bojan Master

            If you export you ESB service as a Web Service using EBWS (see publish_as_webservice quickstart) then you can secure the ESB service using <security> tag under service like this

             <security moduleName="EBWS" rolesAllowed="friend"/>
            

             

            This will ensure that all Web Service request are secured and can be accessed using WS-Security. Internally in the action pipeline you can invoke the unsecured Web Service using SOAPClient.