Testing a secure pass through proxy via SoapUI

Testing a secure pass through proxy via SoapUI

This blog post will show how to call a service deployed on wso2as via a pass through proxy service deployed on wso2esb-4.8.0 and how we can test a pass through proxy service once it is secured. You can download the esb latest pack from hear

This blog post assumes that wso2 esb runs on the default offset and the wso2 application server runs on an offset of 1.

First start the wso2 application server. The server should be started with a URL as similar to https://localhost:9444/carbon/.

Now we need to create a pass through proxy from the wso2esb that calls the back end service. Click on Add > Proxy Services >Pass Through Proxy services, the system should load a screen as similar to the below image.

When clicked on "Pass Through Proxy" the system will load a screen as similar to the below image. First enter a name to uniquely identify the service. Next select the target end point, for this example I will select "Enter URL" option. Once selected enter the URL for the service hosted on the wso2 app server as http://localhost:9764/services/HelloService.

We also need to specify the URL of the back end service. To achieve this select specify source URL option from the drop-down under "Publish WSDL Options" and enter a URL as http://10.100.0.94:9764/services/HelloService?wsdl. Once the above details are entered click on "Create" Button to create the pass through proxy service.

To test our service load soap UI and create a new soapUI project and specify the wsdl file that is generated for the new HelloService. As shown from the image below enter a parameter within the <name> </name> tags by replacing the ? symbol and submit the request. The Soap UI will generate an output as 

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <ns:greetResponse xmlns:ns="http://www.wso2.org/types">
         <return>Hello World, shavantha !!!</return>
      </ns:greetResponse>
   </soapenv:Body>
</soapenv:Envelope>

If we visit the wso2 app server and click on the HelloService the request count should show the number of request that has been generated via the soap ui client.

The above example shows how a non secure proxy service can be accessed. Next  we will see how to secure the proxy service and update the soap ui to with additional parameters to submit request for a secured pass through proxy service.

The HelloService will show an Unsecured option click on this and the system will as to enable security from a dropdown and we need to select "yes" which will load a screen similar to below image. For this example lets secure with the basic "User Name" token. as selecting from the Basic Scenario and click on next. option

From the next screen select the "admin" user role and click on "Finish button" which will generate a message "Security applied successfully."

Now, we have secured the pass through proxy service "HelloService". If we at this time send a request via soap UI, soap UI will show a response as below indicating that the request as to be of http type.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsu:Timestamp wsu:Id="Timestamp-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2013-12-04T09:58:10.522Z</wsu:Created>
            <wsu:Expires>2013-12-04T10:03:10.522Z</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </soapenv:Header>
   <soapenv:Body>
      <soapenv:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <faultcode>wsse:InvalidSecurity</faultcode>
         <faultstring>Expected transport is "https" but incoming transport found : "http"</faultstring>
         <detail/>
      </soapenv:Fault>
   </soapenv:Body>
</soapenv:Envelope>

Update the Soap UI request as below

End point URL :

https://shavantha-ThinkPad-T530:8243/services/HelloService.HelloServiceHttpsSoap11Endpoint

Authorization Type :Preemtive

User name :admin (our esb packs super admin credentials)

Password :admin (our esb packs super admin credentials)

WSS-Password Type: PasswordText

WSS TimeToLive :30000

Once the SoapUI request is updated with the above parameters, on submitting a request, the response will be as shown below

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsu:Timestamp wsu:Id="Timestamp-9" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2013-12-04T10:02:10.069Z</wsu:Created>
            <wsu:Expires>2013-12-04T10:07:10.069Z</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </soapenv:Header>
   <soapenv:Body>
      <ns:greetResponse xmlns:ns="http://www.wso2.org/types">
         <return>Hello World, shavantha !!!</return>
      </ns:greetResponse>
   </soapenv:Body>
</soapenv:Envelope>