Topic
  • 2 replies
  • Latest Post - ‏2012-02-06T11:33:33Z by Jens.Engelke
SystemAdmin
SystemAdmin
289 Posts

Pinned topic Authorize Web Service calls (WS-Security with username token) with http BA

‏2011-12-16T19:15:43Z |
I am new to WebSphere ESB.
We have a few system to system web service integration in our client side. The system to system calls are through https with certificates. However, not all the calls have Basic authentication in the HTTP transport. The messages are protected with Username token WS-Security. The user id is registered in service providers's LDAP server.

My question is that what I need to do and configured (in WID and ESB) to authorize only specific service ID can access specific web service. (All service IDs are authenticated through the same LDAP server, but in different LDAP security groups.)

The ESB applications just do the transformation and routing to backend web service providers, which do their own authorization as well. I would like to authorize access even in the ESB layer in addition to backend web service provider.

Thanks, please help since I will need to make decision whether to drop this.

Norman
Updated on 2012-02-06T11:33:33Z at 2012-02-06T11:33:33Z by Jens.Engelke
  • SystemAdmin
    SystemAdmin
    289 Posts

    Re: Authorize Web Service calls (WS-Security with username token) with http BA

    ‏2011-12-16T19:21:46Z  
    Sorry, I meant "Authorize Web Service calls (WS-Security with username token) withOUT http BA

    Norman
  • Jens.Engelke
    Jens.Engelke
    21 Posts

    Re: Authorize Web Service calls (WS-Security with username token) with http BA

    ‏2012-02-06T11:33:33Z  
    Hi,

    the component which is called in ESB by the Web Service binding can specify a Qualifier "Security Permission" on its implementation.
    There, you specify a role name, which you can later map to users or groups (later is at deployment time or even at runtime).
    This qualifier is basically the same as a JEE role.

    HTH
    Jens