Example: Using a Web Services (SOAP) Input Adapter with Transport Level Security
Set up a Web Services (SOAP) Input adapter that uses transport level username/token security and communicates over HTTPS.
Prerequisites
Context
The steps below result in the creation of a keystore. Provide a password for the user "sybase" but do not change the username.
Procedure
- Install Apache Tomcat.
- Ensure that the JDK_HOME environment variable is properly set. If it is not, you can set it using set_example_env.bat or set_example_env.sh.
- Run create_server_keystore <YOURSTOREPASSWORD> to create a
server.jks. Answer "localhost" to "What is your first and last
name".
The server.jks is created under the current working directory. The Tomcat SSL HTTP connector and Web Services (SOAP) adapter use the server.jks to set up the HTTPS connection between them.
- Add the following to the tomcat/conf/server.xml file:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystoreFile="ESP_INSTALL\adapters\webservices\examples\input_transportUT\server.jks" keystorePass="YOURSTOREPASSWORD" clientAuth="false" sslProtocol="TLS" /> - Add Apache Axis2™ to Tomcat. Copy axis2.war to
tomcat/webapps, and start Tomcat.Axis2 is automatically unzipped.
- Copy the files in rampart/modules to tomcat/webapps/axis2/WEB-INF/modules.
- Copy the files in rampart/lib to tomcat/webapps/axis2/ WEB-INF/lib.
- Add the following to the
<Tomcat>\webapps\axis2\WEB-INF\conf\axis2.xml
file:
<transportReceiver name="https" class="org.apache.axis2.transport.http.AxisServletListener"> <parameter name="port">8443</parameter> </transportReceiver>
- Modify the adapter_config.xml file as follows:
<security> <sslTrustStore>server.jks</sslTrustStore> <sslTrustStorePassword>YOURSTOREPASSWORD</sslTrustStorePassword><!--Change the element to the same as your input--> <TransportUsernameToken> <credentials> <!-- The user value should not be changed in this adapter example --> <User>sybase</User> <!-- The password value shall match with the parameter "TransportUTPassword" in service.xml--> <Password encrypted="false">YOURPASSWORD</Password><!--Change the element to the same as your input--> <EncryptionAlgorithm>RSA</EncryptionAlgorithm> </credentials> </TransportUsernameToken> </security>Set <User> and <Password> to the username and password used by node1 in $STREAMING_HOME/cluster/examples:
<EspProjects> <EspProject> <Name>StockTraderProject</Name> <Uri>esp[s]://localhost:19011/w1/p1</Uri> <Security> <User>user</User> <Password>password</Password> <AuthType>user_password</AuthType>Note In order to use SSL on the ESP server, the JDK specified in Step 8 needs to be version 8 or higher. If SSL is enabled, edit the esp:// prefix in the Uri to esps://. - Run ant create_sample_aar to create the sample .aar file.
- Remove any StockTraderService_noSec.aar or StockTraderService_messageUT.aar files from the adapter examples/service directory if you previously ran those examples.
- Copy the examples/service/StockTraderService_transportUT.aar file to the tomcat/webapps/axis2/WEB-INF/services directory under your Web server.
- Modify set_example_env.bat or set_example_env.sh to set ADAPTER_EXAMPLE_USERNAME and ADAPTER_EXAMPLE_PASSWORD to the desired user name and password combination, and set ADAPTER_EXAMPLE_CLUSTER_NODE_PROTOCOL to esps if SSL is enabled or esp if SSL is disabled.
- Start the Web server.
- Start the node by running the start_node.bat or start_node.sh script.
- Start the project by running the start_project.bat or start_project.sh script.
- Subscribe to the stream in the project by running the subscribe.bat or subscribe.sh script.
- Start the adapter by running the
start_adapter.sh or start_adapter.sh
script.Data begins flowing in the subscription window.