Exposing Security Context
This sample describes how to expose the security context on SOAP/HTTP. In this sample, the following processes communicate with each other:
-
Provider.bwp: Provides a SOAP service.
-
Consumer.bwp: Consumes the SOAP service provided by the Provider process.
The service provider verifies the signature on request.
- Procedure
- In the samples directory, select policy > exposesecuritycontext > SoapHttp and double-click tibco.bw.sample.policy.soap.exposesecuritycontext.module.zip. For more information, see Accessing Samples.
- In the Project Explorer pane, expand the tibco.bw.sample.policy.soap.exposesecuritycontext.module.
- Set the default application profile to match the OS you are using. For more information, see Setting the Default Application Profile.
- Click Run > Debug Configurations.
- At the left tree of Debug Configuration wizard, expand BusinessWorks Application and select BWApplication.
- Click the Applications tab and click the Deselect All button if you have multiple applications.
- Select the checkbox next to tibco.bw.sample.policy.soap.exposesecuritycontext.module.application.
- Click Debug. This runs the sample in the Debug mode.
The file exposeSecurityContext.txt is generated in the c:\tmp\policy directory on the Windows platform, or /tmp/policy directory on the Unix platform.
Open the exposeSecurityContext.txt file in a text editor. The default contents of the file are outlined below:
The Response from Service Provider:
Welcome you Bob
Understanding the Configuration
The following processes interact with each other in this project:
- Provider.bwp: To ensure the signature verification in the incoming request message, a WSS Provider policy configured for integrity is associated with the service side of this process. Get Context Activity is used to expose Security (WSSE) context parameters.
-
Consumer.bwp: To ensure the outbound request message to Provider is signed, a WSS Consumer policy configured for integrity is associated with the reference side of this process.
