All WSO2 products, including WSO2 API Manager, are built on top of the WSO2 Carbon kernel and have a Management of WSO2 Carbon is done through SOAP Web services known as admin services. All WSO2 products come with a management console UI, which communicates with these Web services underneath to facilitate administration capabilities through the UI.
However, there can be instances when you want to call these backend Web services directly. For example, in test automation, to minimize the overhead of having to change automation scripts whenever a UI change happens, developers prefer to call the underlying services in scripts (WSO2 test automation framework is built for this purpose).
These backend Web services are secured to prevent anonymous invocations. In order to invoke them, the user must be authenticated first. Common types of security protocols are as follows:
- HTTP basic authentication over SSL
- WS-Security username token
- Session based authentication
The steps below show, through an example, how to invoke admin services that are secured with HTTP basic authentication mechanism. To invoke the admin services, we use soapUI (4.5.1 or later) and UserAdmin as the admin service (you can also use a different admin service such as ServiceAdmin, StatisticsAdmin, ProxyAdmin etc.)
Open https://localhost:9443/services/UserAdmin?wsdl in your browser to check if it is accessible.
By default, the WSDLs of admin services is hidden from consumers. Before consumers import it to a SOAP client, a system admin must enable it by setting
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
in<PRODUCT_HOME>/repository/conf/carbon.xml
file and restarting the server.Create a SOAP Web service project in the soapUI using the above WSDL.
- Select
listAllUsers
operation underUserAdminSoap11Binding
interface and click on the SOAP request. This invokes theĀlistAllUsers
operation exposed throughUserAdmin
Web service. Click the Aut tab at the bottom of the request editor and give the admin credentials of your server in order to submit
listAllUsers
SOAP request using HTTP basic authentication headers.Enter the following values for the parameters of the SOAP request.
<xsd:filter>*</xsd:filter> <xsd:limit>100</xsd:limit>
You can now submit requests to the UserAdmin Web service and receive SOAP responses.