WSO2 ESB-已实现ws安全的代理服务

Question

I have a question about registering an existing web service with ws security implemented in wso2.

This image represent what i have and what I need.

I use the client to invoke original service and everything is ok. I create a proxy service (Pass Through Proxy) with the existing WSDL and when I invoke the service with the same client (I change wsdl and end point in the client) the response is:

    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
   <env:Header></env:Header>
   <env:Body>
      <env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <faultcode>wsse:InvalidSecurity</faultcode>
         <faultstring>Missing &lt;wsse:Security&gt; in SOAP Header</faultstring>
         <faultactor></faultactor>
      </env:Fault>
   </env:Body>
</env:Envelope>

I need to implement any policy or make another configuration for this scenario????

I'm using wso2carbon (wso2esb-4.8.1).

Thankyou

Answer 1

If you need to secure a proxy service you will have to configure security by adding a policy to the proxy service. This way the client connecting to the proxy service will have to have security headers as defined in the policy file. refer to this documentation .

If you need to connect a unsecured client to a secured backend through a proxy service, you will have to secure the endpoint for that proxy service by giving a policy file as defined by the backend. This way the client will not send any security headers in the request, but the ESB will add the corresponding headers when the request is sent to the backend. See QOS section of this