Can CE-Mediator used to apply WS security on Outbound SOAP Requests?

Akshith_Arremreddy1 · October 17, 2014, 9:11pm

We have a WSDL from a partner who implemented WS Security on their web service.

Can we import this WSDL in to Centrasite and virtualize it and then use the VS WSDL to create a consumer WSD in our webMethods env?
Can WM just handle the plain SOAP Request\Responses and send the SOAP Request to CS-Mediator(VS WSDL) which can apply WS Security to outbound SOAP Request before routing it to our partner?

outbound request:
WM consumer WSD->CS-Mediator VS(apply WS Security)->Partner(Datapower) Provider

I know SOA Gateway tool can do both provider and consumer WS Security policy and was wondering if we can do the same thing using CS-Mediator.

Seshasai_Bhootadi · October 20, 2014, 7:38am

Hello Akshith,

Usage of the WS-Securiuty policies in CentraSite-Mediator can be found here.

http://techcommunity.softwareag.com/pwiki/-/wiki/Main/Tutorials+for+using+Security+Policies+in+Mediator

Let us know if this would help.

Thanks,
Sai

Akshith_Arremreddy · October 20, 2014, 2:18pm

Sai,

Thanks for the link but i already went through them and all those policies can be applied only when we(WM) are the provider of the web service. In my case i am a consumer of a third party WSDL(Data power).

I am not looking for PEP, which i am pretty sure Mediator does. I am trying to find out if CS-Mediator can implement WS Security for outgoing SOAP request from webMethods. In other words, CS should apply the WS Security while sending request to the consumer.

Cheers,
Akshith

system · October 20, 2014, 2:31pm

To add an outbound WS-Sec header you need to use a ESB Request processing step to add the header using the security API. Please have a look at http://techcommunity.softwareag.com/ecosystem/documentation/webmethods/wmsuites/wmsuite9-7/CentraSite/webhelp/index.html#page/com.softwareag.cs.webhelp/to-invoking_webmethods_is_services_in_virtualized_services_3.html# and there go to “Using the Security API in webMethods IS Services”

Daniel

Akshith_Arremreddy · October 20, 2014, 2:36pm

Thanks Daniel,

I have used the add AddTimeStamp and the Addx509Token services in a wrapper service and used it in the ESB request processing setp. If i have to sign parts of the SOAP request with the certificate, does Mediator package provide anything to do it?

Cheers,
Akshith

Topic		Replies	Views
Best approach for webservices security in webmethods 8 webMethods , API-Management , SOA	5	1563	April 2, 2021
Authenticate consumers throw WS-Security & LDAP webMethods , API-Management , SOA	1	1027	April 2, 2021
Need to send signed SOAP message request to partner webMethods , API-Management , SOA	6	1062	April 2, 2021
adding a wsse:security element to the SOAP header using policy and handler webMethods , B2B-Integration , Integration-Server-and-ESB	22	16089	April 2, 2021
WS-Security-Configuration issue. webMethods , API-Management , SOA	6	3052	April 2, 2021

Can CE-Mediator used to apply WS security on Outbound SOAP Requests?

Related topics