WSO2 EI 和 WSO2 Developer - 使用 http 基本身份验证设置 ESB 代理 [英] WSO2 EI and WSO2 Developer - Setup an ESB Proxy with http basic authentication
问题描述
我正在使用 WSO2 EI 6.3.0 和 WSO2 Developer Studio 3.8.0.
我正在使用 ESB 项目和其中的代理服务.
I'm using WSO2 EI 6.3.0 and WSO2 Developer Studio 3.8.0.
I'm working with an ESB Project and a Proxy Service inside it.
代理服务是一个简单的直通服务;它接收来自 webapp 的请求并将其转发给Soap Web Service,从 WS 获取响应并给出它返回到网络应用程序.
The Proxy service is a simple pass through service; it receives a request from a webapp and forward it to a Soap Web Service, gets the response from the WS and gives it back to the web app.
我按照本教程实现了这个配置:
https://youtu.be/3OsuGhEMQgc
I realized this configuration following this tutorial:
https://youtu.be/3OsuGhEMQgc
设置非常简单,一切正常,直到我发现端点具有 http 基本身份验证的 Web 服务.
The setup is very simple, everything worked fine until I found a web service whose endpoint has http basic authentication.
多亏了这篇文章,我才成功:
https://medium.com/@Jenananthan/wso2-esb-how-to-invoke-basic-auth-protected-endpoint-service-5bcdd8290cb4
I made it work thanks to this article:
https://medium.com/@Jenananthan/wso2-esb-how-to-invoke-basic-auth-protected-endpoint-service-5bcdd8290cb4
下面是描述代理服务的xml:
Here follows the xml that describes the proxy service:
<?xml version="1.0" encoding="UTF-8"?>
<proxy name="ProxyWithBasicAuth" startOnLoad="true" trace="disable" transports="https" xmlns="http://ws.apache.org/ns/synapse">
<target>
<endpoint name="endpoint_urn_uuid_xxxxxxxx-yyyy-zzzz-1111-234567892345">
<address trace="disable" uri="https://here.goes.the.uri.of.the.ws.endpoint"/>
</endpoint>
<inSequence>
<property value="this_is_the_username" name="username" scope="default" type="STRING"/>
<property value="this_is_the_password" name="password" scope="default" type="STRING"/>
<property expression="fn:concat($ctx:username,':',$ctx:password)" name="credentials" scope="default" type="STRING"/>
<property expression="fn:concat('Basic ', base64Encode($ctx:credentials))" name="Authorization" scope="transport" type="STRING" xmlns:ns="http://org.apache.synapse/xsd"/>
</inSequence>
<outSequence>
<send/>
</outSequence>
<faultSequence/>
</target>
</proxy>
所以,这个配置(xml 文件)正在工作,但我写了所有无需使用 gui 的任何视觉或拖放元素即可启用基本身份验证的部分.
So, this configuration (xml file) is working, but I wrote all the section that enables basic auth without using any visual or drag and drop element of the gui.
我的问题是:
1) 这是在代理服务上设置基本身份验证的正确方法吗?
2) 是否有任何 gui(拖放)元素可以直观地进行此设置?
注意:我不需要在客户"和 ESB 代理服务;这个问题是关于基本的ESB 代理服务和外部"Web 服务之间的身份验证.
Note: I do not need to struggle with basic authentication between "clients" and the ESB Proxy Service; this question is about basic authentication between ESB Proxy Service and an "external" web service.
推荐答案
你所做的是正确的.要调用使用 Basic Auth 保护的服务,我们只需将 Authorization 标头设置为消息.您可以使用 Header Mediator[1] 或 Property mediator(您已经使用过)来执行此操作.没有专门用于设置 Authorization 标头的特殊 Mediator(或工具中的 GUI 元素).
What you have done is correct. To invoke a service secured with Basic Auth, we just have to set the Authorization header to the message. You could use Header Mediator[1] or the Property mediator (as you have already used) to do that. There is no special Mediator (or a GUI element in the Tool) specifically designed for setting the Authorization header.
顺便说一句,您可以考虑将密码存储在安全保险库[2] 中,而不是在 Synapse 配置中以纯文本形式保存密码.
Btw, you could consider storing passwords in the secure-vault[2] rather than having it in plain text in the Synapse configuration.
[1] https://docs.wso2.com/display/EI640/标头+中介[2] https://docs.wso2.com/display/EI640/Working+with+Passwords+in+the+ESB+profile
这篇关于WSO2 EI 和 WSO2 Developer - 使用 http 基本身份验证设置 ESB 代理的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
