This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Secure Data Service Sample

Note that WSO2 EI is shipped with the following changes to what is mentioned in this documentation:

  • <PRODUCT_HOME>/repository/samples/ directory that includes all Data Integration samples is changed to <EI_HOME>/samples/data-services/.
  • <PRODUCT_HOME>/repository/samples/resources/ directory that includes all artifacts related to the Data Integration samples is changed to <EI_HOME>/samples/data-services/resources/.

You may want to secure a data service by authentication, encryption and the usage of signatures. This is facilitated in the WSO2 Enterprise Integrator (WSO2 EI) by applying security properties directly to the data service. This sample demonstrates how a service client is used to access a secured data service.

About the sample

This service contains a single query/operation named showAllOffices, which returns all the office branches in a company.

Secure service client: When using a service client to access a secured data service, it must follow special steps in creating a secured connection to the service. The following code snippet is taken from the Axis2 service client used to access our sample secure data service.

String epr = "https://" + HOST_IP + ":" + HOST_HTTPS_PORT + "/services/SecureDataService";
System.setProperty("javax.net.ssl.trustStore", (new
File(CLIENT_JKS_PATH)).getAbsolutePath());
ConfigurationContext ctx = ConfigurationContextFactory.
createConfigurationContextFromFileSystem(null, null);
SecureDataServiceStub stub = new SecureDataServiceStub(ctx, epr);
ServiceClient client = stub._getServiceClient();
Options options = client.getOptions();
client.engageModule("rampart");
options.setUserName("admin");
options.setPassword("admin");
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy(SECURITY_POLICY_PATH));

First, the client key store file path (CLIENT_JKS_PATH) is set as a Java system property. The next few lines are Axis2 specific code to initiate the Axis2 runtime and its security module, Rampart. You can see by the end the security policy path (SECURITY_POLICY_PATH) is given to be processed by Rampart. In the security policy, the runtime is notified that we are securing the service and using UsernameToken as the authentication method. After these steps are successfully carried out, we can use the service client to make secure service calls to our data service.

Building the sample

The sample data service, SecureDataService should be deployed using the instructions in Samples Setup.

Securing the Data Service

Enable security for the data service SecureDataService . Select UsernameToken in the basic scenario. Here we are simply enabling username/password based authentication for the data service. Select everyone as the user group. For step-by-step instructions on service-level security setting, refer to  Security for Web Services.

Running the sample

The sample service can be run using the TryIt tool, which is bundled with the WSO2 Data Services Server, or a code-generated java client sample as discussed in the Data Services Clients section.

The command line application is used here to present the functionality of the secured data service. As shown in Data Services Clients , run the "ant secure_sample" command to run the sample. The output is as follows:

The above demonstration shows how a Java service client can be used in accessing a secured data service.