How to Secure Your Enterprise Services with WSO2 ESB 4.9

Preview:

Click to see full reader

Citation preview

๏ http:

//synapse.apache.org

http://synapse.apache.org/
http://synapse.apache.org/
http://synapse.apache.org/

Customer Profiles. (Login)

Money Transfer.

Credit card payments. Online bill payments.

Genuine User

Unauthorized User

Secured Proxy Service

Unsecured Service

● Ensure that the timestamp on the token is still valid● Authenticate the username against a repository● Authenticate the username and password against a repository

soapenv:Header>

<wsse:Security

soapenv:mustUnderstand="1">

<wsu:Timestamp

wsu:Id="Timestamp-31497899">

<wsu:Created>2008-02-06T13:39:50.943Z</wsu:Created>

<wsu:Expires>2008-02-06T13:44:50.943Z</wsu:Expires>

</wsu:Timestamp>

<wsse:UsernameToken

wsu:Id="UsernameToken-10697954">

<wsse:Username>apache</wsse:Username>

<wsse:Password

Type="http://...#PasswordText">password</wsse:Password>

</wsse:UsernameToken>

</wsse:Security>

</soapenv:Header>

<soapenv:Body>

<parameter name="customSSLProfiles"> <profile> <servers>www.test.org:80, www.test2.com:9763 </servers> <KeyStore> <Location>/path/to/identity/store</Location> <Type>JKS</Type> <Password>password</Password> <KeyPassword>password </KeyPassword> </KeyStore> <TrustStore> <Location>path/to/trust/store</Location> <Type>JKS</Type> <Password>password</Password> </TrustStore> </profile></parameter>

<parameter name="SSLProfiles"> <profile> <bindAddress>192.168.1.2</bindAddress> <KeyStore> <Location>/path/to/testhost1.p12</Location> <Type>JKS</Type> <Password>test</Password> <KeyPassword>test</KeyPassword> </KeyStore> </profile> <profile> <bindAddress>192.168.1.3</bindAddress> <KeyStore> <Location>/path/to/testhost2.p12</Location> <Type>JSK</Type> <Password>test</Password> <KeyPassword>test</KeyPassword> </KeyStore> </profile></parameter>

<parameter name="SSLVerifyClient">require</parameter>

Recommended

Implementing JMS Integration Solutions with WSO2 ESB
Technology
Implementing advanced integration patterns with WSO2 ESB
Technology
WSO2 ESB Webinar 01 Sept 2009
Technology
Deep-dive into WSO2 ESB 5.0
Software
Exploring the WSO2 ESB 4.7
Technology
Wso2 Scenarios Esb Webinar July 1st
Technology
Security Patterns with the WSO2 ESB
Technology
Lightweight Orchestration with WSO2 ESB
Technology
Restful Integration with WSO2 ESB
Technology
Enterprise Integration with WSO2 ESB
Technology
WSO2 Guest Webinar - ESB meets IoT, a Primer on WSO2 Enterprise Service Bus (ESB)
Technology
Wso2 esb-maintenance-guide
Technology
REST & API Management with the WSO2 ESB
Technology
WSO2-ESB - The backbone of Enterprise Integration
Engineering
Create WSO2 ESB application · PDF fileCreate WSO2 ESB application Prerequisites 1. Install and configure VMware vFabric Application Director with vCloud Director. 2. Add WSO2 ESB
Documents
Improved Business Availability and Scalability with WSO2 ESB 4.9’s New Coordination Framework
Technology
Chakray integración-service-wso2 esb-bonitabpm-20140504
Documents
WSO2 ESB Capabilities to One Drive - Mitra Microsoft ... · WSO2 technologies – we wanted to avoid creating additional development overheads by implementing a WSO2 ESB connector
Documents
WSO2 ESB Integration with REST
Documents
Intelligent integration with WSO2 ESB & WSO2 CEP
Data & Analytics