I use mule-standalone-3.3.0 CE. I create pattern web service proxy, and my config:
<pattern:web-service-proxy name="WebService"
wsdlLocation="http://www.tset.com/WebService/Tse.asmx?WSDL"
inboundAddress="http://localhost:8084/test"
outboundAddress="http://www.tset.com/view" />
I want to put username and password on my new wsdl (http://localhost:8084/test?wsdl).
What is the best way for do that?
I know some way such as: "using spring security" but I don't know this way is good or no.
and I have a problem about spring security:
I don't know how to set SoapUi? I don't know how to send authentication headers within my soapUI?
The web service pattern can be defined in an extended way that allows the definition of child elements. By using it you will be allowed to define the security filter leveraging spring security
Your pattern configuration should look like the following:
<pattern:web-service-proxy name="WebService"
wsdlLocation="http://www.tset.com/WebService/Tse.asmx?WSDL">
<http:inbound-endpoint address="http://localhost:8084/test" >
<mule-ss:http-security-filter realm="mule-realm"/>
</http:inbound-endpoint>
<http:outbound-endpoint address="http://www.tset.com/view" />
</pattern:web-service-proxy>
Related
The Orbeon Proxy Portlet allows form selection via URL parameters. It would be preferable if the parameters were not included in the URL. I thought I might be able to use a public render parameter as described in the Liferay documentation but it looks like the proxy portlet isn't configured that way.
Looking at OrbeonProxyPortlet.scala I see this method is used to retrieve the URL parameters:
private def portalQuery(request: PortletRequest) =
collectByErasedType[String](request.getAttribute("javax.servlet.forward.query_string")) map decodeSimpleQuery getOrElse Nil
Could this method be modified to combine that map with the map returned by PorletRenderRequest.getParameterMap() or PorletRenderRequest.getPublicParameterMap()?
Or perhaps there could be another init-param like enable-url-parameters, for example, enable-inter-portlet-parameters?
This would also require the following configuration in the portlet.xml:
<supported-public-render-parameter>orbeon-app</supported-public-render-parameter>
<supported-public-render-parameter>orbeon-form</supported-public-render-parameter>
<supported-public-render-parameter>orbeon-document</supported-public-render-parameter>
<supported-public-render-parameter>orbeon-page</supported-public-render-parameter>
As you noticed, currently this is not implemented, and I don't think there is a way without modifying the code of OrbeonProxyPortlet.scala. But yes, it would make sense to make this work, and in fact the option was considered in issue #1850.
In case of login errors with Spring Boot Security: Both ${param.error} and ${param.logout} work with Thymeleaf - but how do I access them with e.g. Velocity?
OK, I wasn't aware that $param represents URL params. So ${param.error} and ${param.logout} are not generated from Spring Security, they are Thymeleaf-specific - meaning: one has to rebuild this for Velocity, they are not available out of the box
I have one simple requirement and I am not able to find the URL pattern which will suit it. I have the spring security plugin all configured and working fine. A new requirement came up where:
My application context is: http:///ramaApp. Now here is how the roles should work:
http:///ramaApp, http:///ramaApp/controller1, http:///ramaApp/controller2 etc should be accessible to ROLE-A, ROLE-B, ROLE-C
http:///ramaApp can be accessed by ROLE-Z too. But he shouldn't be able to access the rest of the URL patterns. That means, he can only access the application context but not any further controller URLs.
URL: appName/* should work for certain roles ( eg ROLE-A, ROLE-B and ROLE-C )
URL: appName/a*, appName/b*, appName/c* ... appName/z* i.e any controller shouldn't be accessible for some roles ( eg ROLE-Z ).
I am configuring the URL mapping to roles in the database table RequestMap. How do I configure the above requirement in the RequestMap table i.e the config_attribute and url columns?
Any help is appreciated.
I'm new to Spring security. Now I'm reading its documentation. I have a question regarding to its filter chain url patterns:
As explained in the document:
it's possible to use multiple http elements to define different security configurations for different URL patterns. Each element creates a filter chain within the internal FilterChainProxy and the URL pattern that should be mapped to it. The elements will be added in the order they are declared, so the most specific patterns must again be declared first.
it also gives an example:
<!-- Stateless RESTful service using Basic authentication -->
<http pattern="/restful/**" create-session="stateless">
<intercept-url pattern='/**' access='ROLE_REMOTE' />
<http-basic />
</http>
what I don't understand is:
A URL pattern "/restful/**" is already configured for the http tag, it means all request matching this pattern will be handled by the filter chain inside this http tag. However why it gives a "match all" pattern: "/**" to the intercept-url tag?
Isn't it duplicated?
Also, if really want to give another pattern, isn't "/restful/**" better? Cause "/**" will match URLs that will not match "/restful/**" and thus not be handled by this filter chain.
Without the <intercept-url> tag within <http>, this declaration basically says that anyone can access any resource under the /restful/** path. The <intercept-url> here restricts access to users who have been assigned the ROLE_REMOTE role, which is quite different.
<intercept-url> patterns are relative to the enclosing <http> element pattern, so nothing outside the /restful/** path will be intercepted by this declaration.
The typical pattern is that you will have one <http> element with several <intercept-url> elements within targeting different URL patterns. Additional <http> elements can be useful when you want authentication and access control to behave differently, for example session management or authentication failure handlers for REST API endpoints.
I am trying to fetch data from a service that i donot know much about.
So i got its url like
http://ABC.com/ABC.svc
so i thouhgt to get metadata as
http://ABC.com/ABC.svc/$metadata
it gives me:
<EntityType Name="E1">
- <Key>
<PropertyRef Name="E1k1" />
</Key>
< Property Name="E2" Type="Edm.String" Nullable="true"
m:FC_TargetPath="SyndicationTitle" ..>
<ComplexType Name="OptionV1">
<Property Name="Value" Type="Edm.Int32" Nullable="true" />
... and a lot more.
How do i find out what should come next to ABC.svc/???
I want to write queries to access data. Can smebody point me to what should be my next steps?
and any learning resource on this query generation from metadata would be hlpful.
Thanks
There are two ways:
1) Using the service document. Navigate to the ABC.svc, that should return a service document, that is an ATOM Service payload which contains the names of the entity sets available from the service. For a sample of such you can go to http://services.odata.org/OData/OData.svc/. This should return a document with three collections (Entity sets). The href attribute is a relative URI to the entity set (relative to the xml:base which is usually the base of the service). So if for example your service has an entity set E1Set, then typically the address of it would be ABC.svc/E1Set.
2) Using the $metadata document and assuming the usual addressing scheme (note that this usually applies to the service but it doesn't have to). The $metadata document will define entity sets. Each of these is usually exposed by the service and typically follows the addressing scheme of ABC.svc/EntitySetName.
Once you navigate to the entity set, you should get back an ATOM feed with the entities in that set. The $metadata will help you recognize the shapes of the entities and the relationships.
Some services also have service operations or actions and so on. These are not exposed in the service document #1. Instead they are only visible in the $metadata as FunctionImport elements. They usually follow the addressing scheme of ABC.svc/FunctionImportName. But note that you might need to know something more about the service operation to be able to invoke it (what HTTP verb to use, what are the parameters, what it will do, and so on).
LinqPad provides a very simple means for getting started with OData services (assuming some familiarity with LINQ). If you will primarily be primarily consuming this application from .NET, I'd recommend starting with this application. You point it to the $metadata endpoint and it generates proxy classes which allow you to work with the OData service much like you would in a plain-old-.NET-app. On the Results Log tab, it will output the URL used to query the OData service, which you can then pick up and tweak in Fiddler. (For more about how to use OData + Fiddler, see this blog post.)
If you'll primarily be using the OData service from JavaScript, you might want to start by understanding the URI conventions better or by playing around with data.js.