Hi Rajeevan, Proxy can contain both http and https transports depending on the security scenario. For an example UTOverTransport case only https is allowed and for scenarios like SignOnly etc, both http and https should be there.
On Mon, Sep 21, 2015 at 2:24 PM, Rajeevan Vimalanathan <[email protected]> wrote: > Hi, > > The default transports for a secure proxy created through Developer Studio > are HTTP and HTTPS. And there is a public JIRA [1] mentioning that only > HTTPS transport should be allowed for a secure proxy. But when we create a > secure proxy through ESB management console, the default transport values > are HTTP and HTTPS same as Developer Studio. So should it be fixed at > Developer Studio to use only HTTPS as the transport? > > Appreciate your inputs. > > Sample ESB proxy config, > > <proxy xmlns="http://ws.apache.org/ns/synapse"; > name="testsecure" > *transports="http,https"* > statistics="disable" > trace="disable" > startOnLoad="true"> > <target> > <inSequence> > <header xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > " > name="wsse:Security" > action="remove"/> > </inSequence> > <outSequence> > <send/> > </outSequence> > <endpoint> > <address uri="https://test.com"/> > </endpoint> > </target> > <enableSec/> > <policy > key="conf:/repository/components/org.wso2.carbon.security.mgt/policy/scenario1"/> > <description/> > </proxy> > > Sample Developer Studio proxy config, > > <?xml version="1.0" encoding="UTF-8"?> > <proxy name="TestSecure" startOnLoad="true" trace="disable" > *transports="https http"* xmlns="http://ws.apache.org/ns/synapse";> > <target> > <endpoint > name="endpoint_urn_uuid_8c25b551-87a9-40b8-80f6-e1f0bd74483b"> > <address trace="disable" uri="https://test.com"/> > </endpoint> > <inSequence> > <header action="remove" name="wsse:Security" scope="default" > xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > "/> > </inSequence> > <outSequence> > <send/> > </outSequence> > <faultSequence/> > </target> > <policy key=""/> > <policy key="gov:ws-policy/Test.xml"/> > <enableSec/> > </proxy> > > [1] https://wso2.org/jira/browse/TOOLS-1636 > > Thanks, > Rajeevan > > -- > Vimalanathan Rajeevan > Software Engineer, > WSO2, Inc. *http://wso2.com* <http://wso2.com> > Lean.Enterprise.Middleware > > Mobile: > *+94 773090875 <%2B94%20773090875>* > LinkedIn: > *https://www.linkedin.com/in/RajeevanVimalanathan > <https://www.linkedin.com/in/rajeevanvimalanathan>* > -- *Isuru Udana* Associate Technical Lead WSO2 Inc.; http://wso2.com email: [email protected] cell: +94 77 3791887 blog: http://mytecheye.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
