You may want to secure a data service by authentication, encryption and the usage of signatures. This is facilitated in the WSO2 Data Services Server by applying security properties directly to the data service. This sample demonstrates how a service client is used to access a secured data service.
About the sample
This service contains a single query/operation named showAllOffices, which returns all the office branches in a company.
Secure service client: When using a service client to access a secured data service, it must follow special steps in creating a secured connection to the service. The following code snippet is taken from the Axis2 service client used to access our sample secure data service.
String epr = "https://" + HOST_IP + ":" + HOST_HTTPS_PORT + "/services/SecureDataService"; System.setProperty("javax.net.ssl.trustStore", (new File(CLIENT_JKS_PATH)).getAbsolutePath()); ConfigurationContext ctx = ConfigurationContextFactory. createConfigurationContextFromFileSystem(null, null); SecureDataServiceStub stub = new SecureDataServiceStub(ctx, epr); ServiceClient client = stub._getServiceClient(); Options options = client.getOptions(); client.engageModule("rampart"); options.setUserName("admin"); options.setPassword("admin"); options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(SECURITY_POLICY_PATH));
First, the client key store file path (CLIENT_JKS_PATH) is set as a Java system property. The next few lines are Axis2 specific code to initiate the Axis2 runtime and its security module, Rampart. You can see by the end the security policy path (SECURITY_POLICY_PATH) is given to be processed by Rampart. In the security policy, the runtime is notified that we are securing the service and using UsernameToken as the authentication method. After these steps are successfully carried out, we can use the service client to make secure service calls to our data service.
Building the sample
The sample data service,
SecureDataService should be deployed using the instructions in Samples Setup.
Securing the Data Service
Enable security for the data service SecureDataService . Select UsernameToken in the basic scenario. Here we are simply enabling username/password based authentication for the data service. Select everyone as the user group. For step-by-step instructions on service-level security setting, refer to Security for Web Services.
Running the sample
The sample service can be run using the TryIt tool, which is bundled with the WSO2 Data Services Server, or a code-generated java client sample as discussed in the Data Services Clients section.
The command line application is used here to present the functionality of the secured data service. As shown in Data Services Clients , run the "ant secure_sample" command to run the sample. The output is as follows:
The above demonstration shows how a Java service client can be used in accessing a secured data service.