This is the WSO2 Data Services Server documentation version 2.6.3

Secure Data Service Sample

You may want to secure a data service by requiring user authentication, encryption and the usage of signatures. This is facilitated in the WSO2 Data Services Server by applying security properties directly to the data service. This sample demonstrates how a service client is used to access a secured data service.

The sample data service SecureDataService should be deployed using the instructions in Deploying Data Services section.

Securing the Data Service

Enable security for the data service SecureDataService. Select UsernameToken in the basic scenario. Here we are simply enabling username/password based authentication for the data service. Select everyone as the user group. For step-by-step instructions on service-level security setting, refer to Security for Web Services.

Running the Sample

The sample service can be run using the TryIt tool, which is bundled with the WSO2 Data Services Server, or a code-generated java client sample as discussed in the Data Services Clients section.

Service Description

This service contains a single query/operation named showAllOffices, which returns all the office branches in a company.

Secure Service Client

When using a service client to access a secured data service, it must follow special steps in creating a secured connection to the service. The following code snippet is taken from the Axis2 service client used to access our sample secure data service.

String epr = "https://" + HOST_IP + ":" + HOST_HTTPS_PORT + "/services/SecureDataService";
System.setProperty("javax.net.ssl.trustStore", (new
File(CLIENT_JKS_PATH)).getAbsolutePath());
ConfigurationContext ctx = ConfigurationContextFactory.
createConfigurationContextFromFileSystem(null, null);
SecureDataServiceStub stub = new SecureDataServiceStub(ctx, epr);
ServiceClient client = stub._getServiceClient();
Options options = client.getOptions();
client.engageModule("rampart");
options.setUserName("admin");
options.setPassword("admin");
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy(SECURITY_POLICY_PATH));

First, the client key store file path (CLIENT_JKS_PATH) is set as a Java system property. The next few lines are Axis2 specific code to initiate the Axis2 runtime and its security module, Rampart. You can see by the end the security policy path (SECURITY_POLICY_PATH) is given to be processed by Rampart. In the security policy, the runtime is notified that we are securing the service and using UsernameToken as the authentication method. After these steps are successfully carried out, we can use the service client to make secure service calls to our data service.

Sample Run

The command line application is used here to present the functionality of the secured data service. As shown in Data Services Clients, run the command "ant secure_sample", to run the sample.

The output:

The above demonstration shows how a Java service client can be used in accessing a secured data service.