Skip to main content
Skip table of contents

WebService Security

Contents

Basic Authentication

Configuring Jetty Server

In FPS Jetty Server, basic Authentication needs to be enabled as the Stub component is running in the FPS server.

  1. Before starting the FPS server, start eStudio and load the FPS profile from Profile Management (Window > Show View > Other > Profile Manager) panel.
  2. Navigate to FPS > Fiorano > Esb > Jetty > Jetty.
  3. In the Properties of Jetty panel on the right side, enable Basic Authentication (BasicAuthSupported property) and give the fully qualified path of the Realm.properties file.


    Figure 1: Enabling Basic Authentication
     
  4. Save the profile and Close.

Enabling Basic Authentication with bcwsgateway

  1. Open Web.xml in %FIORANO_HOME%/esb/server/jetty/fps/webapps/bcwsgateway/WEB- INF
  2. Uncomment the security-constraint and login-config tags. Save this and then close.
  3. Start the Server and log in to eStudio.
  4. Configure WSStub.

Enabling Basic Authentication with WSStub

Open the WSStub service and configure HTTP Authentication configuration in the CPS as follows:

  1. In Security Configuration panel, click HTTP Authentication Configuration button to open Authentication editor.
  2. In the Editor dialog box, enable authentication by selecting Use HTTP Authentication checkbox.
  3. Select the type as 'BASIC', and provide the username and password that are present in the Realm.properties file.


    Figure 2: Enabling Expert Properties
     
  4. Click OK and click Finish in the Security Configuration panel.
  5. Launch the flow

Testing Services from Dashboard

Go to the Services tab in Dashboard and perform the following actions:

  1. In the Web Services section under Services, click the Test button present under Web Services Gateway section to provide authentication properties.



  2. Enable Set Basic Authentication property and enter Username and Password in the WSStub configuration and click the Test button (present at the lower-left part of the screen) to perform the test.


    Figure 3: Enabling Set Basic Authentication

 

Testing Services from Web Service Consumer

Configure the WebServiceConsumer service by performing the following actions:

  1. Enable Http Basic Authentication property and enter the user name and password as done in the WSStub service and click the Next button to move to Interaction Configuration panel.

    Specify the WSDL to enable Next button.



    Figure 4: Enabling Http Basic Authentication
     

  2. Click the Call Properties, add the javax.xml.rpc.security.auth.username and javax.xml.rpc.security.auth.password properties, and then enter the values. Finally perform the test.

    Select the Web Service Operation to complete the configuration.



    Figure 5: Add Properties dialog box

SSL Security

You can configure the SSL parameters for Jetty; configure the SSL parameters for Jetty, running with FES/FPS by editing the corresponding profiles.

In FPS profile configuration, enable SSLEnabled property.


Figure 6: Configuring Jetty for FPS

In FES profile configuration, enable SSLEnabled property. Also provide the port number for SSL Port Number property which returns the port used by the embedded jetty server with SSL support.


Figure 7: Configuring Jetty for FES

Configuring SSL parameters for Jetty

You can configure the SSL parameters for Jetty which is running with FES/FPS by editing the corresponding profiles.

By default, the SSL property for Jetty is disabled. Perform the following actions to enable this property and provide the respective properties,

  1. Open FES/FPS profile, navigate to Esb > Jetty, select Jetty node.
  2. Specify the values for KeyStoreLocation, KeyStorePassword, KeyPassword, TrustStore, TrustStorePasswd and save the FES/FPS profile.

    Refer Managing Jetty Security section to know how to generate KeyStore and TustStore.



    Figure 8: Keystore and TruStore properties for FES profile


    Figure 9: Keystore and TruStore properties for FPS profile
     

  3. Start the servers. Jetty is started with the SSL enabled.

Configuring SSL support for WSStub and HttpStub

To use WSStub/HttpStub with SSL Support, the Jetty Server running in FPS needs to be started with SSL support. To check if Jetty is started with SSL support, check the following URL:

CODE
https://<IP Address>:<Port Number>/bcwsgateway.

If the URL is working, this means the Jetty with FPS is started with SSL support. SSL properties can be configured for WSStub and HttpStub through CPS.


Figure 10: Properties of SSL


Figure 11: SSL Security dialog box

After configuring the SSL parameters through CPS, launch the Event Process. If WSStub does not start properly, check the SSL configuration with WSStub CPS.

Testing Web Service from Dashboard

Web service can be tested from dashboard by clicking the Test button and giving the input parameters.

Testing Web Service from WebServiceConsumer

After Launching the WSStub, perform the following actions:

  1. Get the WSDL URL (right-click WSStub and copy WSDL)
  2. Open the WSConsumer CPS and provide the copied URL in WSDL URL property.
  3. Configure WSConsumer for SSL through CPS.


    Figure 12: Configure WSConsumer
     
  4. Enable SSL and provide TrustStore location, TrustStorePassword, KeyStoreLocation, and KeyStorePassword.


    Figure 13: Enabling SSL option

The Web Service configured for SSL from WebServiceConsumer can now be invoked.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.