IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Username token policy with webService provider

    Posted Wed April 27, 2016 02:40 PM

    Hi Al,

    I am trying to do a poc on webServices along with policies. My need is create a webService provider, add a
    username token policy to it, share the WSDL to the consumer to enforce to follow the policy. I am using wM9.7 version

    Created a simple flow service, created a webService provider to it and placed the ( policy file ) at
    \IntegrationServer\instances\default\config\wss\policies location.
    After this, opened the provider WSD in designer, clicked on policies tab, right click and selected the username token policy.

    When I observed WSDL URL, I can see wp:Policy section but when I tried to consume the same in Soap, I didn’t see any sort of security related enforcement.

    Below is the policy which I did use:

    Username_Token.policy

    <wsp:Policy wsu:Id=“Username_token” Name=“Username_token”
    xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”
    xmlns:wsp=“Web Services Policy Framework (WS-Policy) and Web Services Policy Attachment (WS-PolicyAttachment)”>

    wsp:ExactlyOne
    wsp:All
    <sp:SignedSupportingTokens xmlns:sp=“Web Services Security Policy Language (WS-SecurityPolicy)”>
    wsp:Policy
    <sp:UsernameToken sp:IncludeToken=“WS-SecurityPolicy Token Inclusion Mechanism”>
    </sp:UsernameToken>
    </wsp:Policy>
    </sp:SignedSupportingTokens>
    </wsp:All>
    </wsp:ExactlyOne>
    </wsp:Policy>

    Please help me what did I miss ?

    Thanks for your time and support.

    Thanks,
    RP


    #API-Management
    #soa
    #webMethods


  • 2.  RE: Username token policy with webService provider

    Posted Wed April 27, 2016 06:09 PM

    As in consumer WSD, you also need to explicitly assign policy under the policies tab.
    It won’t pick up the policy from WSDL directly.

    I guess they don’t want to just support any policy coming from other systems that are embedded in the WSDL file.
    HTH,


    #soa
    #API-Management
    #webMethods


  • 3.  RE: Username token policy with webService provider

    Posted Fri April 29, 2016 09:20 AM

    Yes, as part of SOAP tool as well, option exist to make to “Add WSS username token”, better try in that way.

    Thanks,


    #API-Management
    #soa
    #webMethods


  • 4.  RE: Username token policy with webService provider

    Posted Sat April 30, 2016 04:33 AM

    Thank you both, I tried and its working.

    Thanks,
    RP


    #webMethods
    #soa
    #API-Management


  • 5.  RE: Username token policy with webService provider

    Posted Fri May 19, 2017 12:11 PM

    I added policy in consumer wsdl and provided the credentials in message level. But still i am getting below error.
    Integration broker response
    status code-20
    MessageID -535
    Meesage- user Password required for service operation

    below policy file i have put in the server.

    <wsp:Policy wsu:Id=“UsernameTokenSecurityPolicyPasswordRequired” Name=“Username token required”
    xmlns:wsp=“Web Services Policy Framework (WS-Policy) and Web Services Policy Attachment (WS-PolicyAttachment)”
    xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”>
    wsp:ExactlyOne
    wsp:All
    <wsse:SecurityToken wsp:Usage=“wsp:Required” xmlns:wsse=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd”>
    wsse:TokenTypewsse:UserNameToken</wsse:TokenType>




    </wsse:SecurityToken>
    </wsp:All>
    </wsp:ExactlyOne>
    </wsp:Policy>

    Please help ASAP.


    #soa
    #webMethods
    #API-Management


Related Content