Tuesday, November 17, 2015

How to apply security policies with WSO2 ESB 4.9.0

Hi All,

Here is a quick tutorial on how to create a secured service in WSO2 ESB 4.9.0. As QoS is removed from the admin console, now you will have to use WSO2 Developer Studio to apply the relevant security policies for the proxy services.

1) Download WSO2 ESB 4.9.0 and WSO2 Developer Studio 3.8.0
2) Extract these into folders
3) First we need to create a policy using the developer studio
Please refer following URL on creating a new policy - here we can use UsernamToken Policy
policy https://docs.wso2.com/display/DVS380/Applying+Security+for+a+Service#ApplyingSecurityforaService-Creatingthesecuritypolicy

4) Then you need to create the proxy service - for this first create an ESB Config Project from the Developer Studio Dashboard - then right click on the project name and add a proxy service

5) For this scenario lets create a simple Pass through proxy- lets use StockQuote Sample as the sample endpoint

Please follow the following link on how to startup the sample services https://docs.wso2.com/display/ESB490/Setting+Up+the+ESB+Samples#SettingUptheESBSamples-StartingtheAxis2server

6) After creating the proxy , you need to add the previously created security policy to the proxy service

Please refer the following guide on how to do that  https://docs.wso2.com/display/DVS380/Applying+Security+for+a+Service#ApplyingSecurityforaService-Applyingsecurityforaproxyservice

7) After creating both proxy service and the policy , you need to deploy this into the ESB. For this purpose lets create a composite application First

8) Go to the Developer studio dashboard and Click on Composite Application Project - there give a name to the project and select both the proxy service project and the policy project you have created and click on Finish

9) Now right click on the created composite application project and click on Export Composite Application Project

10) Now startup the ESB server and Login - then go to Carbon Applications from the right side menu and upload the car file by clicking on Add

11) After the successful deployment of the .car file when you go to list the proxy services you can see the created Proxy Service with Security Applied

12) Click on Try this Service and the following window will be opened

Note :- please enter the username and password and select the https endpoint as shown above and invoke the service with a parameter ex:- IBM

You will get the relevant response :)


No comments:

Post a Comment