[Users] How to provide to Petals a webservice with wss security
Christophe DENEUX [via Petals Forums]
ml-node+s974793n4025231h35 at n3.nabble.com
Thu Jul 26 17:20:20 CEST 2012
Hi Philip,
That your are doing is not a best practice in the SOA world and is not
supported by Petals.
You should consider the Petals ESB container (provider side of BC SOAP) as a
trustworthy domain against your external webservice. And you should declare
a dedicated user to Petals on your external webservice.
And so, you should declare WSS on the consume side to secure your new
endpoint. Probably, your web service client is a webapplication or
equivalent, so you need to declare a dedicated user for your client
application that will authenticate the real user.
So, you can re-expose easily the service with several protocol (file, mail,
...) using a new SU 'consume' and its BC, and your are completely flexible
(your client is not impacted by a change of the provider).
I hope that my explanations are clear
-----
Christophe DENEUX
Linagora
Twitter: @ChrisDENEUX
_______________________________________________
If you reply to this email, your message will be added to the discussion below:
http://forum.petalslink.com/How-to-provide-to-Petals-a-webservice-with-wss-security-tp4025230p4025231.html
To start a new topic under Users (get help, provide help), email ml-node+s974793n2681628h42 at n3.nabble.com
To unsubscribe from Users (get help, provide help), visit http://forum.petalslink.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=2681628&code=dXNlcnNAZm9ydW0ucGV0YWxzbGluay5vcmd8MjY4MTYyOHwtOTE3MDU0NjU4
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://forum-list.petalslink.org/pipermail/users/attachments/20120726/aed0350d/attachment.html>
More information about the Users
mailing list