This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Secure Proxy Service with a Policy and Endpoint Referenced

Owned by Rukshani Weerasinha (Unlicensed)
Jun 03, 2014
2 min read

In this section we look at a sample on how to create the static security policy resource and the proxy service. These are packed into a single CApp and deployed in the ESB server.

Pre-requisites:
  • An XML file containing the security policy for the proxy service needs to be created. Sample content of a simple user name-token security policy is available here.
  • Registry Resources with the endpoint URLs to be created as in the previous sample.

To create the security policy and proxy service projects:

  1. Create an XML file containing the security policy. For this sample, we look at a simple authentication policy using X509 certificate. The XML configuration details are available here.

    Note: Currently Developer Studio tooling has a limitation where it does not support security policies for user name token authentication.

     

  2. Create a Registry Resources Project named 'HelloWorldStaticResources'.
  3. To create a new Registry Resource for the policy, right-click the project and select New > Registry Resource.
     
  4. Choose Import from file system.
  5. Browse and select the XML file containing the policy from the file system.
  6. Select 'gov' as the Registry.
  7. Specify 'policies/HelloWorld' as the Registry path to deploy.

To create an ESB proxy service:

  1. Select the HelloWorldApp project, right-click and select New > Proxy Service.
  2. Select Create a New Proxy Service
  3. Select Secure Proxy.
  4. Click on Create new ESB Project and set the name as HelloWorldProxyServices.
  5. In the Advanced Configuration section, select Pick from Registry.
  6. Set the endpoint key to gov:/endpoints/HelloWorld/HelloWorldServiceEP.xml.

  7. Set the security policy key as gov:/policies/HelloWorld/SignOnly.xml.

    Note that this indicates that we are using the governance section of the registry, and what is visible from the ESB is the /policies/HelloWorld/SignOnly.xml URL. This URL remains the same across all environments.

  8. The projects setup is now complete.

To create CApp projects for each CApp archive:

  1. Create a resource CApp with the dynamic resources created in the previous sample.
  2. Create a CApp with the static resource and proxy service we created in the steps above.
  3. The next step is to create the CApp to contain the static resource (security policy) and the proxy service.

To create and use a HelloWorldCApp Carbon Application project:

  1. Select the HelloWorldApp multi-module project.
  2. Choose File > New > Carbon Application Project from the main Eclipse menu.
  3. Name the project HelloWorldCApp.
  4. Select the HelloWorldProxyServices and HelloWorldStaticResources in the dependencies list.
  5. Click Next.
  6. Set the artifactID to HelloWorld (this ensures a HelloWorld-<versionNumber>.car file is created).
  7. Click Finish.
  8. When the CApp is created, expand the CApp in the Project Explorer window and select pom.xml.
  9. Select HelloWorldStaticResources and expand.
  10. Change the server role to ESB since we are deploying this CApp in the ESB. Select Enterprise Service from the drop down list.
     
  11. Your final project structure should now look like this:
     

  12. Right-click the top project (HelloWorldApp) and select Generate POMSelect all the HelloWorld projects, which are then added as modules to the top multi-module Maven project. If you look at the top project pom.xml, you should see the following entries inside:

    <modules>
    <module>HelloWorldProxyServices</module>
    <module>HelloWorldDynamicResources</module>
    <module>HelloWorldStaticResources</module>
    <module>HelloWorldCApp</module>
    <module>HelloWorldResourcesDevCApp</module>
    <module>HelloWorldResourcesQACApp</module>
</modules>

Your projects are now ready to be built and deployed.