WSO2 API Manager (and all WSO2 products) is built on top of the WSO2 Carbon kernel. Management of WSO2 Carbon is done through SOAP Web services known as admin services. All WSO2 products come with a management console UI, which communicates with these Web services underneath to facilitate administration capabilities through the UI.
However, there can be instances when you want to call these backend Web services directly. For example, in test automation, to minimize the overhead of having to change automation scripts whenever a UI change happens, developers prefer to call the underlying services in scripts (WSO2 test automation framework is built for this purpose).
These backend Web services are secured to prevent anonymous invocations through multiple protocols such as,
- HTTP basic authentication over SSL
- WS-Security username token
- Session based authentication
You can use any SOAP client and communicates with the admin services by authenticating through above security protocols.
In this post, I will takeĀ you through consuming an admin service using soapUI since soapUI is the most user-friendly service testing tool out there to test SOAP or RESTful web services.
We will use HTTP basic auth authentication mechanism out of the auth options described above. If you like to use a different approach such as carbon session based authentication, you may refer to