This documentation is for WSO2 Enterprise Service Bus version 5.0.0. For the latest ESB, view the latest WSO2 Enterprise Integrator documentation.

All docs This doc
||
Skip to end of metadata
Go to start of metadata

Objective: Add security policies to the Message Forwarding Processor.

<definitions xmlns="http://ws.apache.org/ns/synapse">
   <registry provider="org.wso2.carbon.mediation.registry.WSO2Registry">
      <parameter name="cachableDuration">15000</parameter>
   </registry>
   <proxy name="StockQuoteProxy" transports="https http" startOnLoad="true" trace="disable">
      <description />
      <target>
         <inSequence>
            <property name="OUT_ONLY" value="true" />
            <store messageStore="MSG_STORE" />
         </inSequence>
         <outSequence>
            <send />
         </outSequence>
      </target>
   </proxy>
   <localEntry key="sec_policy" src="file:repository/samples/resources/policy/policy_3.xml" />
   <endpoint name="SecureStockQuoteService">
      <address uri="http://localhost:9000/services/SecureStockQuoteService">
         <enableSec policy="sec_policy" />
      </address>
   </endpoint>
   <messageStore name="MSG_STORE" />
   <messageProcessor class="org.apache.synapse.message.processor.impl.forwarder.ScheduledMessageForwardingProcessor" name="SecureForwardingProcessor" targetEndpoint="SecureStockQuoteService" messageStore="MSG_STORE">
      <parameter name="client.retry.interval">1000</parameter>
      <parameter name="interval">1000</parameter>
      <parameter name="is.active">true</parameter>
   </messageProcessor>
</definitions>

Prerequisites

  • Start the Synapse configuration numbered 703, e.g., wso2esb-samples.sh -sn 703
  • Start the Axis2 server and deploy the SecureStockQuoteService if you have not done so already.

  • If needed, download and install the unlimited strength policy files for your JDK before using Apache Rampart (see http://java.sun.com/javase/downloads/index_jdk5.jsp)

Use the stockquote client to send a request without WS-Security. ESB is configured to enable WS-Security as per the policy specified by 'policy_3.xml' for the outgoing messages to the SecureStockQuoteService endpoint hosted on the Axis2 instance. The debug log messages on ESB shows the encrypted message flowing to the service and the encrypted response being received by ESB.

ant stockquote -Daddurl=http://localhost:8280/services/StockQuoteProxy -Dmode=placeorder -Dsymbol=WSO2

You can see the message sent by the ESB to the secure service using a TCPMon. Upon successful execution, there should be a message on the back end as follows:

Sun Aug 18 10:58:00 IST 2013 samples.services.SimpleStockQuoteService  :: Accepted order #5 for : 18851 stocks of WSO2 at $ 61.782478265721714

Start the SimpleStockQuoteService. When you start the service, you will see the message getting delivered to the service, even though the service was down when we invoked it from the client. The Main sequence store mediator stores the placeOrder request message in the "MyStore" message store, and the message processor sends the message to the endpoint configured as a message context property. The message processor will remove the message from the store only if the message is delivered successfully.

  • No labels