WSO2 API Manager (and all WSO2 products) is built on top of the WSO2 Carbon kernel. Management of WSO2 Carbon is done through a SOAP Web services interface known as admin services. All WSO2 products come with a management console UI, which communicates with these Web services underneath to facilitate administration capabilities through the UI.
However, there can be situations when you want to call these backend Web services directly. For example, in test automation, to minimize the overhead of having to change automation scripts whenever a UI change happens, developers prefer to call the underlying services in scripts instead of UI elements. (WSO2 test automation framework is built for this purposeĀ this approach which programatically calls the backend web services to manage deployment, configuration and various other tasks.
These backend web services are secured to prevent anonymous invocations. WSO2 Carbon server secures these services through multiple methodologies. For example;
- HTTP Basic Authentication over SSL
- WS-Security username token
- Session based authentication
You can use any SOAP client and communicates with the admin services by authenticating through above security protocols.
In this post, I will takeĀ you through consuming an admin service using soapUI since soapUI is the most user-friendly service testing tool out there to test SOAP or RESTful web services.
We will use HTTP basic auth authentication mechanism out of the auth options described above. If you like to use a different approach such as carbon session based authentication, you may refer to