This documentation is for WSO2 Data Services Server 3.2.2. View documentation for the latest release.
Secure Data Service Sample - Data Services Server 3.2.2 - WSO2 Documentation
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

You may want to secure a data service by authentication, encryption and the usage of signatures. This is facilitated in the WSO2 Data Services Server by applying security properties directly to the data service. This sample demonstrates how a service client is used to access a secured data service.

About the sample

This service contains a single query/operation named showAllOffices, which returns all the office branches in a company.

Secure service client: When using a service client to access a secured data service, it must follow special steps in creating a secured connection to the service. The following code snippet is taken from the Axis2 service client used to access our sample secure data service.

String epr = "https://" + HOST_IP + ":" + HOST_HTTPS_PORT + "/services/SecureDataService";
System.setProperty("javax.net.ssl.trustStore", (new
File(CLIENT_JKS_PATH)).getAbsolutePath());
ConfigurationContext ctx = ConfigurationContextFactory.
createConfigurationContextFromFileSystem(null, null);
SecureDataServiceStub stub = new SecureDataServiceStub(ctx, epr);
ServiceClient client = stub._getServiceClient();
Options options = client.getOptions();
client.engageModule("rampart");
options.setUserName("admin");
options.setPassword("admin");
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy(SECURITY_POLICY_PATH));

First, the client key store file path (CLIENT_JKS_PATH) is set as a Java system property. The next few lines are Axis2 specific code to initiate the Axis2 runtime and its security module, Rampart. You can see by the end the security policy path (SECURITY_POLICY_PATH) is given to be processed by Rampart. In the security policy, the runtime is notified that we are securing the service and using UsernameToken as the authentication method. After these steps are successfully carried out, we can use the service client to make secure service calls to our data service.

Building the sample

The sample data service, SecureDataService should be deployed using the instructions in Samples Setup.

Securing the Data Service

Enable security for the data service SecureDataService . Select UsernameToken in the basic scenario. Here we are simply enabling username/password based authentication for the data service. Select everyone as the user group. For step-by-step instructions on service-level security setting, refer to  Security for Web Services.

Running the sample

The sample service can be run using the TryIt tool, which is bundled with the WSO2 Data Services Server, or a code-generated java client sample as discussed in the Data Services Clients section.

The command line application is used here to present the functionality of the secured data service. As shown in Data Services Clients , run the command "ant secure_sample", to run the sample.

The output:

The above demonstration shows how a Java service client can be used in accessing a secured data service.

  • No labels