Easy login plans gather pace
Read more here...
Security Policy with WSO2 WSAS - UsernameToken
From version 3.0 onwards, WSO2 WSAS is powered by Carbon.
This post takes you through all the steps required in setting up UsernameToken security policy with WSAS to secure a given service.
First you need to download WSAS 3.0 from here.
Log into WSO2 WSAS administration console with admin/admin
1. Go to Service --> List --> Select "HelloService" service --> Security --> setup security scenario "UsernameToken" on it.
2. Select 'admin' as the user group who has access to the service.
3. To view the applied policy, go to Service --> List --> Select "HelloService" service --> Policy
4. Select 'Edit Policy' against 'Binding HelloServiceSOAP11Binding'. You can modify the applied policy here.
5. Now - let's see how we can try this service having secured with UsernameToken.
6. Go to Service --> List and select 'Try this service' against 'HelloService'. Provide a username/password of a user belongs to the 'admin' role and try the service.
Secure Token Service with WSO2 WSAS 3.0
From version 3.0 onwards, WSO2 WSAS is powered by Carbon.
This post takes you through all the steps required in setting up the STS ships with WSAS to secure a given service.
First you need to download WSAS 3.0 from here.
WSAS distribution comes with an STS sample - and let's see how to set it up.
Go to [WSAS_HOME]/samples/sts-sample and type ant
Start WSO2 WSAS (If you haven't already started it)
Log into WSO2 WSAS administration console with admin/admin
Go to Service --> List --> Select "wso2carbon-sts" service --> Security --> setup security scenario "Sign and encrypt - X509 Authentication" on it.
Make sure wso2carbon.jks keystore (WSO2WSAS keystore) is used.
Go to Service --> List --> Select "HelloService" service and copy the http service address.
Once again select "wso2carbon-sts" service and navigate to "Configure STS". Paste/type the http endpoint address of "HelloService" service in "Add new trusted service"->"Endpoint Address". Select the WSO2WSAS private key's certificate alias (wso2carbon)
Go back to "HelloService" service and setup security scenario "SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy - Sign and Encrypt , X509 Authentication" on it.Makesure wso2carbon.jks keystore (WSO2WSAS keystore) is used.
Go to Key Stores --> Import Cert -- > Import [WSAS_HOME]/samples/sts-sample/conf/client.cert into the wso2carbon keystore.
Go to [WSAS_HOME]/samples/sts-sample and run the client.
run-client.bat <wso2carbon-sts-http-address> <hello-service-http-address>
Example :
run-client.bat http://10.100.1.97:9763/services/wso2carbon-sts http://10.100.1.97:9763/services/HelloService
Notes:
1. You need to download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0 from here and copy the two jar files from the extracted jce directory (local_policy.jar and US_export_policy.jar)to $JAVA_HOME/jre/lib/security.
2. Make sure
Fusion : Eventing with SOA - Introduction
Subscribe to:
Posts (Atom)