A while back I had to do some research to find out how I could pass a username and password dynamically to an external service in BPEL through the SOAP header using the wss_username_token_policy. Turns out it’s quite easy, so let me share a simple implementation with you.
This is what we are aiming for: a simple BPEL process that calls an external service to return some data to the client. Both require authentication through the UsernameToken. The security header, which contains the UsernameToken consisting of a username and password, will be received as input and passed on to the target service.
The composite looks as follows. The client and target are both secured with the wss_username_token_policy.
To achieve this we will:
1. Create a schema that contains the definition of the security header
2. Update our WSDL so it will contain the header element
3. Create a variable in BPEL for the header and use it to pass it on
1. Create the XSD schema
Create an XSD schema that specifies the UsernameToken profile in accordance with the OASIS standard. It’s not necessary to create a separate XSD schema. You could also add it to the existing XSD schema that was already generated with your project.
2. Update the WSDL
In the WSDL we will have to add the namespace, import the XSD schema and add the message type of our security header. Lastly, we add the header to the binding. See the four snippets of code I put together below:
3. BPEL
Add the namespace (here it has xmlns:ns1) and import the XSD schema. Next, create a variable that will hold the security header. I named the variable SecurityHeader. Now you can use the 'Assign' or 'Transform' activity to assign values to the elements of the header.
Now, when you edit the receive, invoke and reply constructs, you can add your header variable via the ‘Headers’ tab.
When the security header has been added for all three constructs, your code should look similar to the following. The highlighted parts are the references to our security header.
Now this is how you retrieve the header passed by the client service and use it to invoke a target service. If your target service returns a header, it will be returned to the client service.
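The four WSDL changes from step 2, sketched as an added example (not the original snippets from this post); the numbered comments mark the namespace, the schema import, the header message and the header binding. The HeaderDemo names, the example.com namespace, the XSD file names and the SecurityHeaderMessage name are assumptions, and it assumes the schema from step 1 declares a global Security element in the OASIS wsse namespace.

```xml
<!-- Added example. Hypothetical names: HeaderDemo, SecurityHeaderMessage, the XSD files. -->
<wsdl:definitions name="HeaderDemo"
    targetNamespace="http://example.com/HeaderDemo"
    xmlns:tns="http://example.com/HeaderDemo"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <!-- (1) The xmlns:wsse declaration above is the added namespace. -->
  <wsdl:types>
    <xsd:schema>
      <!-- (2) Import the schema from step 1 (assumed to declare wsse:Security). -->
      <xsd:import namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" schemaLocation="xsd/WSSecurity.xsd"/>
      <xsd:import namespace="http://example.com/HeaderDemo" schemaLocation="xsd/HeaderDemo.xsd"/>
    </xsd:schema>
  </wsdl:types>

  <wsdl:message name="requestMessage">
    <wsdl:part name="payload" element="tns:process"/>
  </wsdl:message>
  <wsdl:message name="responseMessage">
    <wsdl:part name="payload" element="tns:processResponse"/>
  </wsdl:message>
  <!-- (3) Message type that carries the security header. -->
  <wsdl:message name="SecurityHeaderMessage">
    <wsdl:part name="Security" element="wsse:Security"/>
  </wsdl:message>

  <wsdl:portType name="HeaderDemoPort">
    <wsdl:operation name="process">
      <wsdl:input message="tns:requestMessage"/>
      <wsdl:output message="tns:responseMessage"/>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="HeaderDemoBinding" type="tns:HeaderDemoPort">
    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="process">
      <soap:operation soapAction="process"/>
      <wsdl:input>
        <!-- (4) Bind the header next to the body so BPEL can map it to a variable. -->
        <soap:header message="tns:SecurityHeaderMessage" part="Security" use="literal"/>
        <soap:body use="literal" parts="payload"/>
      </wsdl:input>
      <wsdl:output>
        <soap:header message="tns:SecurityHeaderMessage" part="Security" use="literal"/>
        <soap:body use="literal" parts="payload"/>
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
</wsdl:definitions>
```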
That’s all! Hope this helped :)