When the WS-Security UsernameToken-based Authentication option is selected in an outbound security policy that is attached to a SOAP Request Reply activity, TIBCO ActiveMatrix BusinessWorks™ 5 (BW) uses credentials retrieved from an Identity shared resource. It is a common requirement to be able to map username and password dynamically. This article explains how to achieve this in BW.
Prerequisite
The concrete WSDL for the service is imported into the project and SOAP Request Reply activity is configured with the same.
Configuration steps -
1. Import the schema from the following locations to the project.
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd https://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
2. Add the following import to the concrete WSDL.
<wsdl:import location = "oasis-200401-wss-wssecurity-secext-1.0.xsd" namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
3. Add the following namespace binding to the WSDL definitions element.
xmlns:wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
4. Add a message element as follows.
<wsdl:message name = "Security"> <wsdl:part element = "wsse:Security" name = "Security"/> </wsdl:message>
5. Add a header to the operation input referring to the message defined in the previous step,
<wsdl:operation name = "GetBooks"> <soap:operation soapAction = "/Service/QueryBooksByAuthor" style = "document"/> <wsdl:input> <soap:body parts = "author" use = "literal"/> <soap:header message = "tns:Security" part = "Security" use = "literal"/> </wsdl:input> <wsdl:output> <soap:body parts = "message" use = "literal"/> </wsdl:output> </wsdl:operation>
6. The WS-Security header should now be available in the SOAP Request Reply activity input.
7. Select the ‘any element’ under the ‘Security’ element and click the ‘Edit Statement’ button. Then select ‘UsernameToken’ from the schema http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd.
8. Select the ‘any element’ under the ‘UsernameToken’ element and click the ‘Edit Statement’ button. Then select Password from the schema http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd.
9. It should now be possible to map username and password dynamically.
A sample project is available here.
- 1
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now