Hi all, When deploying a proxy service, WSDL can be defined with the parameter publishWSDL. However if the WSDL is secured, ESB received a 401 error and failed to deploy the proxy service. One thing we can do is that, we can add a user name and parameter as below to access the basic auth secured WSDL.(however below url is not working due to a minor bug in the code. Need a fix to get it worked.).
<publishWSDL uri="http://user:password@localhost:8282/securewsdl?wsdl"/> But again it failed to get access the wsdl when the wsdl contain secured xsd imports. So a secured wsdl with secured xsd import can not be used in ESB as a proxy service WSDL. There are two options we can improve the code ESB to get the scenario working. 1) defined the wsdl url as bellow and get the username and password from base url then add the Authorization header for all the xsd imports urls when calling xsd references. <publishWSDL uri="http://user:password@localhost:8282/securewsdl?wsdl"/> *Limitation*: If we define the username and password as above, the password can not be encrypt with secure vault as it become a malformed url when creating the URL object. 2) Introduce a new parameter(wsdl.security.basicauth) to get the Authorization header value and add the Authorization header when ever making a http call for wsdl and xds references. Then we can encrypt the parameter for securing the given password. However we have to implement securing proxy service parameters with wso2 secure vault since it is not available with current implementation. Is there any other alternative to get above scenario working, appreciate your thoughts. [1] https://wso2.org/jira/browse/ESBJAVA-5054 Thanks, Nuwanw -- Nuwan Wimalasekara Associate Technical Lead WSO2, Inc.: http://wso2.com lean. enterprise. middleware phone: +94 71 668 4620
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
