Thursday, November 1, 2012

OSB, http basic authentication and OWSM policy

OWSM and OSB are bundled together after-fact. So OSB doesn't support some of the security policies that comes with OWSM.

However, it is misleading that OSB allows you to attach any OWSM policy to your proxy,but  that doesn't mean it will actually work. It took me a while to find out that the simplest of all: OWSM "wss_http_token_service_policy" does not work in OSB!

However, not all is lost. OSB actually supports http basic authentication out of box without OWSM. You just need to go to "HTTP Transport Configuration" tab in your proxy configuration page, check that "basic authentication" checkbox.

Then the caller needs to add a HTTP header like:
     Authorization: Basic d2VibG9naWM6d2VsY29tZTE=
where d2VibG9naWM6d2VsY29tZTE= is base64 encoded user:password, in this example, it's "weblogic:welcome1". You are not required to encode it, but it's the common practice.

You can base64 encode your stuff online from here: http://www.base64decode.org/

that's all.
Posted by at
Labels: , ,

7 comments:

  1. Craig RieckeNovember 15, 2012 at 7:57 AM

    Hey Yuan! Why would ever need to attach a client policy to a proxy? A proxy is an incoming entity. That would be like attaching a client policy to a service endpoint in BPEL (which jDev won't let you do). Client policies are for outgoing references - e.g. business services. If you attach the client policy to a biz service, then call THAT from your proxy, everything is cool.

    ReplyDelete
  2. Yuan MengNovember 15, 2012 at 8:30 AM

    Ah, Craig, that's an excellent catch. I meant by "wss_http_token_service_policy". Just made the correction. Thanks!

    ReplyDelete
  3. Simon CuttsMay 22, 2013 at 8:24 AM

    Yuan

    You genius!

    The 'Authorization: Basic' was the piece in the puzzle I was missing to dynamically set a custom token in the HTTP Header of OSB

    Thank you

    ReplyDelete
  4. PRAKASH KALEAugust 12, 2016 at 8:59 AM

    So many thanks!!! for this simple working stuff.

    ReplyDelete
  5. Rafael ReuberOctober 9, 2016 at 12:17 PM

    Hi, thank your for share. But it does not work for me.

    ReplyDelete
  6. UnknownNovember 29, 2016 at 12:56 PM

    Hello Yuan ...the blog is excellent.However I am new to this OSB thing .Can you little elaborate how this works in transport layer ? Whether a user/pwd needs to be configured with in security realm? How can I map a particular UAN to particular px? .thanks in advance SUBHODiP

    ReplyDelete
  7. UnknownSeptember 26, 2018 at 11:26 PM

    how to add the http header(Authorization: Basic) from "HTTP Transport Configuration" tab?

    ReplyDelete

Subscribe to: Post Comments (Atom)