com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links' is unknown.
Partner Service Security
- Former user (Deleted)
Owned by Former user (Deleted)
Jun 22, 2016
4 min read
Loading data...
You can secure partner services used in a BPEL process using a given security policy. A sample policy configuration is shown below.
Following sample shows how we can secure a partner service used in a BPEL process.
Tree structure of the sample is shown below.
PolicySecurePartnerService01.xml configuration is given below.
<wsp:Policy wsu:Id="UTOverTransport"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/>
</wsp:Policy>
</sp:SignedSupportingTokens>
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>client</ramp:user>
<ramp:encryptionUser>service</ramp:encryptionUser>
<ramp:passwordCallbackClass>org.wso2.bps.samples.pwcb.PWCBHandler</ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">/home/BPS/Partner/client.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:encryptionCypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">/home/BPS/Partner/client.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
</ramp:crypto>
</ramp:encryptionCypto>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Add a reference to the policy configuration file at the EPR configuration as shown below.
SecurePartnerService01.epr configuration is given below.
<wsa:EndpointReference
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.w3schools.com uep_schema.xsd"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsdl11="http://schemas.xmlsoap.org/wsdl/">
<wsa:Address>https://localhost:9443/services/SecurePartnerService/</wsa:Address>
<wsa:Metadata>
<id>SInvokeEPR</id>
<qos>
<enableAddressing version="final" separateListener="true"/>
<enableWsSec policy="file:PolicySecurePartnerService01.xml"/>
</qos>
</wsa:Metadata>
</wsa:EndpointReference>
Make a reference to the endpoint reference file at the relevant partner link configuration in the deploy.xml file.
<invoke partnerLink="SecurePartnerService01PartnerLink">
<service name="SecurePartnerService01.wsdl:SecurePartnerService01" port="SecurePartnerService01SOAP11port_http">
<endpoint xmlns="http://wso2.org/bps/bpel/endpoint/config" endpointReference="SecurePartnerService01.epr">
</endpoint>
</service>
</invoke>
Now the partner service is secured with the above given security policy. In the same manner you can secure all the other partner services with a given security policy.
com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links2' is unknown.