CODEWITHSUNDEEP
wso2ws-security
ikedaSan
ikedaSan

Reputation: 51

How do we implement this ws-security policy in WSO2 ESB 5.0

We have to implement a proxy service based in a wsdl, and we have to use a security policy like this

<localEntry xmlns="http://ws.apache.org/ns/synapse" key="policy">
      <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SigOnly">
         <wsp:ExactlyOne>
            <wsp:All>
               <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                  <wsp:Policy>
                     <sp:InitiatorToken>
                        <wsp:Policy>
                           <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                              <wsp:Policy>
                                 <sp:WssX509V3Token10/>
                                 <!-- sp:WssX509V3Token10/ --></wsp:Policy>
                           </sp:X509Token>
                        </wsp:Policy>
                     </sp:InitiatorToken>
                     <sp:RecipientToken>
                        <wsp:Policy>
                           <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                              <wsp:Policy>
                                 <sp:WssX509V3Token10/>
                                 <!-- sp:WssX509V3Token10/ --></wsp:Policy>
                           </sp:X509Token>
                        </wsp:Policy>
                     </sp:RecipientToken>
                     <sp:AlgorithmSuite>
                        <wsp:Policy>
                           <sp:TripleDesRsa15/>
                        </wsp:Policy>
                     </sp:AlgorithmSuite>
                     <sp:Layout>
                        <wsp:Policy>
                           <sp:Strict/>
                        </wsp:Policy>
                     </sp:Layout>
                     <sp:IncludeTimestamp/>
                     <sp:ProtectTokens/>
                     <sp:OnlySignEntireHeadersAndBody/>
                  </wsp:Policy>
               </sp:AsymmetricBinding>
               <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                  <wsp:Policy>
                     <sp:MustSupportRefKeyIdentifier/>
                     <sp:MustSupportRefIssuerSerial/>
                  </wsp:Policy>
               </sp:Wss10>
               <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                  <sp:Body/>
               </sp:SignedParts>
            </wsp:All>
         </wsp:ExactlyOne>
      </wsp:Policy>
   </localEntry>

How can we do? what steps we have to follow to implement it? do we need any rampart configuration??

Thanks in advance.

Upvotes: 0

Views: 664

Answers (1)

Jorge Infante Osorio
Jorge Infante Osorio

Reputation: 2153

You need to use the WSO2 Developer Studio IDE for this task...

  • Step 1: Create a registry resource project for store your policy.

  • Step2: Apply the security policy to your proxy service.

  • Step 3: Create a composite application and deploy the proxy and the security policy to the WSO2 ESB.

Take a look a this: https://docs.wso2.com/display/ESB500/Applying+Security+to+a+Proxy+Service

Upvotes: 1

Related Questions