Monday, March 5, 2012

How to invoke a secured webservice through BPEL

Engaging Quality of Service(QoS) for a partner web service endpoint in WSO2 BPS is facilitated by Unified Endpoint(UEP) feature. Not only QoS, but also, protocol specific properties like setting “ReplyTo” header for the outgoing message can be configured via UEPs. To get some more idea on UEPs please refer this post.

This post describes how to invoke a secured web service through a BPEL process using an UEP.

Tested Environment
  • WSO2 BPS 2.1.2 (based on WSO2 Carbon 3.2.0) release and WSO2 BPS release based on WSO2 Carbon 4.0.0
A sample of referring the security policy in the Unified-Endpoints can be found via this Unified Endpoint  in this sample BPEL Loan Process
This policy can be maintained outside from the BPEL artifact as well.

eg - Referring to a policy maintained in the file system - Use the absolute path for the policy in UEP.


eg - Referring to a policy maintained in the configuration registry - Use the registry specific path for the policy in Unified Endpoint.


Maintaining an policy outside from the BPEL artifact becomes very useful when governing policies which are used by multiple BPEL processes in multiple WSO2 BPS instances.

8 comments:

Mohammad Benslimne said...

Please, would you have examples for invoking basic-auth secured WS ? How could I insert Authorization http header in secured WS request ?

I tried unified endpoints, but I got java.lang.NullPointerException at org.wso2.carbon.bpel.core.ode.integration.config.EndpointConfiguration.getUnifiedEndpoint when defining tag (cf. http://osdir.com/ml/general/2012-05/msg47734.html).

I tried also defining the Autorization header in in deploy.xml (cf. http://wso2.org/project/bps/2.0.2/docs/user_guide.html#Using-Manipulating-Endpoints), no effect!

Many thanks for any help ...

Denis Weerasiri said...

What's the version of BPS you use?

Mohammad Benslimne said...

It's a 2.1.2 !

Thanks

Denis Weerasiri said...

Hi Mohammad,
Based on http://osdir.com/ml/general/2012-05/msg47734.html what you are trying to do is not included in 2.1.2.
So please use a latest nightly build and verify your test case.

Denis Weerasiri said...

Hi Denis
I am using WSO2 BPS 3.2.0 and Eclipse Java EE IDE for Web Developers Version: Kepler Service Release 2 Build id: 20140224-0627 with BPEL Editor 1.0.3.201407100424.
I am trying call SAML secured webservice Axis2Service from this tutorial http://charithaka.blogspot.sk/search/label/STS
I tried modify deploy.xml




and use EPR

http://192.168.0.168:9764/services/Axis2Service

SInvokeEPR






but no luck :(

Response is

soapenv:Server
axis2ns7:UnknownFault

wsse:InvalidSecurity



BTW: Editor show me The word '' is not correctly spelled. is correct.


Thank you for advice

Denis Weerasiri said...

Hi Nick,

Could you please reach wso2 via http://stackoverflow.com/questions/tagged/wso2 and ask this question. Because, I did not use BPS recently. Sorry for the inconvenience.

Also it is bit hard to say much as the response doesn't give much details. If you can attach the backend error log of the secured service, that would be very helpful.

ps- If you find the solution please reply here, as I also would like to know the answer.

Denis Weerasiri said...

Thank for your response.
I send my question to stackoverflow.com.
I found this in wso2carbon.log
TID: [0] [AS] [2014-12-02 09:54:45,236] ERROR {org.apache.axis2.engine.AxisEngine} - SOAP header missing {org.apache.axis2.engine.AxisEngine}
org.apache.axis2.AxisFault: SOAP header missing
at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180)
Caused by: org.apache.rampart.RampartException: SOAP header missing
at org.apache.rampart.RampartEngine.process(RampartEngine.java:128)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
... 45 more


I think it is because of no SAML assertion was sended.

Denis Weerasiri said...

Great,