Note that WSO2 EI is shipped with the following changes to what is mentioned in this documentation:
repository/samples/directory that includes all Integration profile samples is changed to
repository/samples/resources/directory that includes all artifacts related to the Integration profile samples is changed to
This sample demonstrates how you can use the ESB to connect to endpoints with WS-Security for outgoing messages.
In this sample the stock quote client sends a request without WS-Security. The ESB is configured to enable WS-Security as per the policy specified in the
policy_3.xml file, for outgoing messages to the SecureStockQuoteService endpoint hosted on the Axis2 instance.
- For a list of general prerequisites, see Prerequisites to start ESB samples.
- This sample uses Apache Rampart as the back-end security implementation. Therefore, you need to download and install the unlimited strength policy files for your JDK before using Apache Rampart. Follow the steps below to download and install the unlimited strength policy files:
Go to http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html, and download the unlimited strength JCE policy files for your JDK version.
- Uncompress and extract the downloaded ZIP file. This creates a directory named JCE that contains the
- In your Java installation directory, go to the
jre/lib/securitydirectory, and make a copy of the existing
US_export_policy.jarfiles. Next, replace the original policy files with the policy files that you extracted in the previous step.
Building the sample
The XML configuration for this sample is as follows:
This configuration file
synapse_sample_100.xml is available in the
To build the sample
Start the Axis2 server. For instructions on starting the Axis2 server, see Starting the Axis2 server.
Deploy the back-end service
SecureStockQuoteService. For instructions on deploying sample back-end services, see Deploying sample back-end services.
Executing the sample
The sample client used here is the Stock Quote Client, which can operate in several modes. For further details on this sample client and its operation modes, see Stock Quote Client.
To execute the sample client
Run the following command from the
Analyzing the output
When you analyze the debug log output on the ESB console, you will see the encrypted message flowing to the service and the encrypted response being received by the ESB. You will also see that the
wsse:Security header is removed from the decrypted message and the response is delivered back to the client, as expected.
If you use TCPMon and send the message through it, you will see the message sent by the ESB to the secure service as follows: