Skip to main content

Managing Policies for individual SOAP operations

1 reply [Last post]
phani16
Offline
Joined: 2011-04-11
Points: 0

Hi All,
I have created a SOAP WSDL with multiple operations associated to a single binding port. Now i would like to set different policies for each operation.
If i have two SOAP operations viz addNums and subNums associated to a single binding port type, then i would attach a policy to addNums to look for authentication to a File Realm and to subNums to look for authentication to a Ldap realm. Is it possible to do that ? Please find the below WSDL.

<?xml version="1.0" encoding="UTF-8"?>
<!-- This file is auto-generated by CASA. Edit its content manually may cause unrecoverable errors. -->
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="caSOAPSecurity"
xmlns:tns="caSOAPSecurity" xmlns:ns="http://j2ee.netbeans.org/wsdl/bpelSOAPLDAPSecurity/wsdlArithmeticOps" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service" xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service" xmlns:sc="http://schemas.sun.com/2006/03/wss/server" xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<import namespace="http://j2ee.netbeans.org/wsdl/bpelSOAPLDAPSecurity/wsdlArithmeticOps" location="../jbiServiceUnits/bpelSOAPLDAPSecurity/wsdlArithmeticOps.wsdl"/>
<portType name="dummyCasaPortType"/>
<binding name="casaBinding1" type="ns:wsdlArithmeticOpsPortType">
<soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="addNums">
<soap:operation/>
<input name="input1">
<soap:body use="literal" namespace="caSOAPSecurity"/>
</input>
<output name="output1">
<soap:body use="literal" namespace="caSOAPSecurity"/>
</output>
</operation>
<operation name="subNums">
<soap:operation/>
<input name="input2">
<soap:body use="literal" namespace="caSOAPSecurity"/>
</input>
<output name="output2">
<soap:body use="literal" namespace="caSOAPSecurity"/>
</output>
</operation>
</binding>
<service name="casaService1">
<port name="casaPort1" binding="tns:casaBinding1">
<soap:address location="http://localhost:9080/SOAPWSService/SOAPWS"/>
</port>
</service>
</definitions>

I would like to know whether the policy is attched only at a binding/service level rather than at an operation level ? Please find the below WSDL for SOAP webservice which is working fine with a single operation.

<?xml version="1.0" encoding="UTF-8"?>
<!-- This file is auto-generated by CASA. Edit its content manually may cause unrecoverable errors. -->
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="caSOAPBC"
xmlns:tns="caSOAPBC" xmlns:ns="http://j2ee.netbeans.org/wsdl/bpelSOAPBC/wsdlArithmeticOperation" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:mysp="http://sun.com/ws/httpbc/security/BasicauthSecurityPolicy" xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<import namespace="http://j2ee.netbeans.org/wsdl/bpelSOAPBC/wsdlArithmeticOperation" location="../jbiServiceUnits/bpelSOAPBC/wsdlArithmeticOperation.wsdl"/>
<portType name="dummyCasaPortType"/>
<binding name="casaBinding1" type="ns:wsdlArithmeticOperationPortType">
<soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="arithmeticOperation">
<soap:operation/>
<input name="input1">
<soap:body use="literal" namespace="caSOAPBC"/>
</input>
<output name="output1">
<soap:body use="literal" namespace="caSOAPBC"/>
</output>
</operation>
</binding>
<service name="casaService1">
<port name="casaPort1" binding="tns:casaBinding1">
<soap:address location="http://localhost:9080/SOAPWSService/SOAPWS"/>
<wsp:PolicyReference URI="#HttpBasicAuthBindingRealmPolicy"/>
</port>
</service>
<wsp:Policy wsu:Id="HttpBasicAuthBindingRealmPolicy">
<mysp:MustSupportBasicAuthentication on="true">
<mysp:BasicAuthenticationDetail>
<mysp:Realm realmName="file" />
</mysp:BasicAuthenticationDetail>
</mysp:MustSupportBasicAuthentication>
</wsp:Policy>
</definitions>

I believe we can do the same in EJB using annotations for each webservice operation ( @RolesAllowed("TEST") ) and map groups to these roles. Do we have any ways to implement in Open Esb ?
Regards,
Kris.

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Kumar Jayanti Guest
Offline
Joined: 2011-04-02
Points: 0

http://weblogs.java.net/blog/kumarjayanti/archive/2009/07/attaching_secu...

On 16-May-2011, at 8:24 PM, forums@java.net wrote:

>
>
> Hi All,
>
> I have created a SOAP WSDL with multiple operations associated to a single
> binding port. Now i would like to set different policies for each operation.
>
> If i have two SOAP operations viz addNums and subNums associated to a single
> binding port type, then i would attach a policy to addNums to look for
> authentication to a File Realm and to subNums to look for authentication to a
> Ldap realm. Is it possible to do that ? Please find the below WSDL.
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> unrecoverable errors. -->
>
>
> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>
> targetNamespace="caSOAPSecurity"
>
> xmlns:tns="caSOAPSecurity"
> xmlns:ns="http://j2ee.netbeans.org/wsdl/bpelSOAPLDAPSecurity/wsdlArithmeticOps"
> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service"
> xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service"
> xmlns:sc="http://schemas.sun.com/2006/03/wss/server"
> xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>
> namespace="http://j2ee.netbeans.org/wsdl/bpelSOAPLDAPSecurity/wsdlArithmeticOps"
> location="../jbiServiceUnits/bpelSOAPLDAPSecurity/wsdlArithmeticOps.wsdl"/>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> I would like to know whether the policy is attched only at a binding/service
> level rather than at an operation level ? Please find the below WSDL for SOAP
> webservice which is working fine with a single operation.
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> unrecoverable errors. -->
>
>
> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>
> targetNamespace="caSOAPBC"
>
> xmlns:tns="caSOAPBC"
> xmlns:ns="http://j2ee.netbeans.org/wsdl/bpelSOAPBC/wsdlArithmeticOperation"
> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> xmlns:mysp="http://sun.com/ws/httpbc/security/BasicauthSecurityPolicy"
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>
> namespace="http://j2ee.netbeans.org/wsdl/bpelSOAPBC/wsdlArithmeticOperation"
> location="../jbiServiceUnits/bpelSOAPBC/wsdlArithmeticOperation.wsdl"/>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> I believe we can do the same in EJB using annotations for each webservice
> operation ( @RolesAllowed("TEST") ) and map groups to these roles. Do we have
> any ways to implement in Open Esb ?
>
> Regards,
>
> Kris.
>
>
>
>
>
>
> --
>
> [Message sent by forum member 'phani16']
>
> View Post: http://forums.java.net/node/802622
>
>