| Author |
Message
|
| anil kumar |
 Posted: Mon Oct 16, 2017 12:55 am Post subject: WS-Security Provider |
 |
|
Voyager
Joined: 22 Jan 2017
Posts: 97
Location: India
|
Hi All,
recently i have worked on a Security SOAP service(Consumer scenario ) which is Enabled user name token authentication i have completed it using Policy sets and Policy bindings
it worked fine ,
now i want to implement the same type of flow i want to create a Soap Provider flow with WSSecurity username token authentication
i have read it here http://mqseries.net/phpBB/viewtopic.php?t=65188&sid=07691d65ea7a5c1ce08b853e452f1534 that we can not create WSDLs that include WS-security information. with secuirty headers,
can any one throw some lights on this if this can be achievable or not. |
|
| Back to top |
|
 |
| ganesh |
| Posted: Wed Oct 18, 2017 12:22 pm Post subject: |
|
|
Master
Joined: 18 Jul 2010
Posts: 294
|
| If your question was whether we can add ws-security header elements to the soap header then yes we can do that using esql. |
|
| Back to top |
|
|
| anil kumar |
| Posted: Fri Oct 20, 2017 3:42 am Post subject: |
|
|
Voyager
Joined: 22 Jan 2017
Posts: 97
Location: India
|
Hi Ganesh,
I have resloved the above issue but i have some new Question as below
the Question is not about adding headers
iam creating a username token authentication webservice
when i pass the message with WSSecuirty included from SOAP UI to my webservice provider i want to authenticate the user .
i have allready implemented this scenario of authenticating the incoming request with LDAP,
but what i wanted to know whether can we autheticate the username tokens sent by user without any external directory server is there is anything that broker check for the username password provided by the user and valid or not valid |
|
| Back to top |
|
|
| Vitor |
| Posted: Fri Oct 20, 2017 5:01 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| anil kumar wrote: |
| what i wanted to know whether can we autheticate the username tokens sent by user without any external directory server is there is anything that broker check for the username password provided by the user and valid or not valid |
You're asking if broker hosts an internal directory (LDAP) server.
No it doesn't.
Why would you ever want such a thing?
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| anil kumar |
| Posted: Mon Oct 23, 2017 2:47 am Post subject: |
|
|
Voyager
Joined: 22 Jan 2017
Posts: 97
Location: India
|
thanks Vitor , correct me if im wrong
So if i wanted to do authentication of the incoming request then i must use some external Directory server something as exampleTivoli Directory server .
so we can not do any authentication without those? |
|
| Back to top |
|
|
| Vitor |
| Posted: Mon Oct 23, 2017 5:02 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| anil kumar wrote: |
so if i wanted to do authentication of the incoming request then i must use some external Directory server something as exampleTivoli Directory server .
so we can not do any authentication without those? |
That's the case.
I repeat my question - why would you want to do this? You're talking about adding user ids and passwords to some location inside IIB. Aside from the problems of securing that, you now have an additional location where user ids and passwords need to be kept in sync. It's much better practice to use the corporate LDAP solution where the user ids live, along with a high-feature group structure.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| anil kumar |
| Posted: Mon Oct 23, 2017 10:11 pm Post subject: |
|
|
Voyager
Joined: 22 Jan 2017
Posts: 97
Location: India
|
Thanks Vitor ,
thanks for your suggestion , i will go with LDAP to Authenticate users who are consuming my webservice. |
|
| Back to top |
|
|
|
|
