ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Another WS-Security Consumer Question

Post new topic  Reply to topic
 Another WS-Security Consumer Question « View previous topic :: View next topic » 
Author Message
jayZ
PostPosted: Thu Mar 13, 2014 12:13 pm    Post subject: Another WS-Security Consumer Question Reply with quote

Acolyte

Joined: 03 Jun 2008
Posts: 71
I've been reading through the multiple threads here about methods for adding a username/password onto a SOAPRequest but have yet to get a satisfactory direction. Here is our scenario,

We are creating a proxy to a third party webservice. Said proxy will implement WS-Security on the input (SOAPInput) using our internal active directory system. Then, the message flow will apply a different username and password before calling the third party. We chose this approach for two reasons: so that we can manage all internal clients while preventing the third party for generating multiple uses for a single organization; and, so that the global credentials need not be stored in multiple systems.

I have no problem using a UDP and storing the credentials in a properties file from a technical perspective. In fact, that is how we have been handling this scenario for some time. (I do think this approach is pretty deficient from a security perspective) However, I have read the these values can essentially be looked up from a security profile. So far, all of the articles I've read assume the Identity will be passed in via the input and propagated. Because the broker and third party will be authorizing/authenticating these users separately, I cannot just propagate the input credentials. All of this brings me to my question...

Other than a database or UDP (both of which we use), is there a way for the broker platform to store those values and assign them to the outbound SOAP request?

-----

Previous research
http://www.mqseries.net/phpBB2/viewtopic.php?t=62150&start=0&postdays=0&postorder=asc&highlight=

http://publib.boulder.ibm.com/infocenter/wmbhelp/v7r0m0/index.jsp?topic=%2Fcom.ibm.etools.mft.doc%2Fac55630_.htm

http://www.mqseries.net/phpBB2/viewtopic.php?t=63409&highlight=soaprequest+wssecurity

http://127.0.0.1:2975/help/index.jsp?topic=%2Fcom.ibm.etools.mft.doc%2Fap04010_.htm

http://www.ibm.com/developerworks/websphere/library/techarticles/1008_fan/1008_fan.html

https://www.ibm.com/developerworks/community/forums/html/topic?id=77777777-0000-0000-0000-000014961194
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Another WS-Security Consumer Question
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.