
Configuration – Secure conversation

  • If WS-SecureConversation is needed:

    • A separate service is needed to process requests to “/RequestSecurityToken”.

    • Don’t forget the WS-SC WSDL file; it needs to use the same template as the backend service.

<wsdl:portType name="Test">
  <wsdl:operation name="RequestSecurityToken">
    <wsp:PolicyReference URI="store:///policies/templates/dotnet/wsp-sp-1-2-ws2007FederationHttpBinding.xml#symmetric-saml20-endorsed-x509"/>
    <wsdl:input message="tns:RequestSecurityToken"/>
    <wsdl:output message="tns:RequestSecurityTokenResponse"/>
  </wsdl:operation>
</wsdl:portType>


DataPower WCF integration

© 2010 IBM Corporation

A sample WSDL to handle secure conversation is as follows:

<?xml version="1.0" encoding="utf-8"?>
<wsdl:definitions targetNamespace="http://schemas.xmlsoap.org/ws/2005/02/trust"
    xmlns:tns="http://schemas.xmlsoap.org/ws/2005/02/trust"
    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns:echo="http://com/ibm/was/wssample/sei/echo/"
    xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
    xmlns:wsp="http://www.w3.org/2006/07/ws-policy"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsdl:types>
    <xs:schema targetNamespace="http://schemas.xmlsoap.org/ws/2005/02/trust" blockDefault="#all" elementFormDefault="qualified">
      <xs:element name="RequestSecurityToken">
        <xs:complexType>
          <xs:sequence>
            <xs:any namespace="##any" maxOccurs="unbounded"/>
          </xs:sequence>
          <xs:anyAttribute namespace="##any" processContents="lax"/>
        </xs:complexType>
      </xs:element>
      <xs:element name="RequestSecurityTokenResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:any namespace="##any"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>
    </xs:schema>
  </wsdl:types>
  <!-- Message part definitions for the bootstrap request/response.
  -->
  <wsdl:message name="RequestSecurityToken">
    <wsdl:part name="Body" element="tns:RequestSecurityToken"/>
  </wsdl:message>
  <wsdl:message name="RequestSecurityTokenResponse">
    <wsdl:part name="Body" element="tns:RequestSecurityTokenResponse"/>
  </wsdl:message>
  <!-- Endpoint/operation definition for bootstrap messages
       Policy attach here must include
  -->
  <wsdl:portType name="Test">
    <wsdl:operation name="RequestSecurityToken">
      <wsp:PolicyReference URI="store:///policies/templates/dotnet/wsp-sp-1-2-ws2007HttpBinding.xml#symmetric-kerberos-sc-basic128"/>
      <wsdl:input message="tns:RequestSecurityToken"/>
      <wsdl:output message="tns:RequestSecurityTokenResponse"/>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="T1Binding" type="tns:Test">
    <soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="RequestSecurityToken">
      <!--
      <soap12:operation soapAction="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT"/>
      <soap12:operation soapAction="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel"/>
      -->
      <!-- attach the application binding to the wsdl:input and wsdl:output,
           so the policy framework can figure out how to deal with other
           traffic, others than the Issue
      -->
      <wsdl:input>
        <wsp:PolicyReference URI="store:///policies/templates/dotnet/wsp-sp-1-2-ws2007HttpBinding.xml#input"/>
        <soap12:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <wsp:PolicyReference URI="store:///policies/templates/dotnet/wsp-sp-1-2-ws2007HttpBinding.xml#output"/>
        <soap12:body use="literal"/>
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="Test">
    <wsdl:port name="BootstrapPort" binding="tns:T1Binding">
      <soap12:address location="https://www.soaphub.org/RequestSecurityToken"/>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>
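The requirement that the WS-SC WSDL use the same template as the backend service, and that its port answer at /RequestSecurityToken, can be checked before deployment. The following is an added example, not part of the original slides: it assumes "same template" means the same policy template file (the PolicyReference URI before the '#'), and the function names, the minimal sample WSDLs and the backend address are hypothetical.

```python
import xml.etree.ElementTree as ET  # trusted local files only; use defusedxml for untrusted XML

WSDL = "http://schemas.xmlsoap.org/wsdl/"
WSP = "http://www.w3.org/2006/07/ws-policy"
SOAP12 = "http://schemas.xmlsoap.org/wsdl/soap12/"
TEMPLATES = "store:///policies/templates/dotnet/"

def policy_templates(root):
    """Template files (URI part before '#') named by any wsp:PolicyReference."""
    uris = (ref.get("URI", "") for ref in root.iter(f"{{{WSP}}}PolicyReference"))
    return {u.split("#", 1)[0] for u in uris if u}

def check_ws_sc(sc_wsdl, backend_wsdl):
    """Return a list of findings; an empty list means both checks passed."""
    sc_root, be_root = ET.fromstring(sc_wsdl), ET.fromstring(backend_wsdl)
    sc, be = policy_templates(sc_root), policy_templates(be_root)
    findings = []
    if not sc:
        findings.append("WS-SC WSDL references no policy template")
    for tpl in sorted(sc - be):
        findings.append(f"WS-SC template not used by backend: {tpl}")
    addrs = [a.get("location", "") for a in sc_root.iter(f"{{{SOAP12}}}address")]
    if not any(a.rstrip("/").endswith("/RequestSecurityToken") for a in addrs):
        findings.append("no WS-SC port addressed at /RequestSecurityToken")
    return findings

def sample_wsdl(policy_uri, address):
    """Constructed minimal WSDL, just enough structure for the checks above."""
    return f"""<wsdl:definitions xmlns:wsdl="{WSDL}" xmlns:wsp="{WSP}" xmlns:soap12="{SOAP12}">
  <wsdl:portType name="Test"><wsdl:operation name="Op">
    <wsp:PolicyReference URI="{policy_uri}"/>
  </wsdl:operation></wsdl:portType>
  <wsdl:service name="Test"><wsdl:port name="P" binding="B">
    <soap12:address location="{address}"/>
  </wsdl:port></wsdl:service>
</wsdl:definitions>"""

# Constructed inputs: the WS-SC values come from the sample WSDL on this page.
SC = sample_wsdl(TEMPLATES + "wsp-sp-1-2-ws2007HttpBinding.xml#symmetric-kerberos-sc-basic128",
                 "https://www.soaphub.org/RequestSecurityToken")
BACKEND_OK = sample_wsdl(TEMPLATES + "wsp-sp-1-2-ws2007HttpBinding.xml#input",
                         "https://backend.example/Echo")  # hypothetical backend address
BACKEND_FED = sample_wsdl(
    TEMPLATES + "wsp-sp-1-2-ws2007FederationHttpBinding.xml#symmetric-saml20-endorsed-x509",
    "https://backend.example/Echo")

if __name__ == "__main__":
    print(check_ws_sc(SC, BACKEND_OK))   # matching template file
    print(check_ws_sc(SC, BACKEND_FED))  # backend uses a different template file
```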
