Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A security policy associated with a web service  consumer governs the security at two levels:

  • Transport level security
  • Message level security

Transport level security is all about overseeing if the SSL is being used for the communication between the server and the client. If SSL is being used then , it determined determines which Truststores and Keystores have been used in the security policy.

Message level security governs the authentication between the consumer and the provider. 

When you use a web service consumer in a process flow, you may need to define the security policy for the web service at runtime instead of using the predefined security policy for the web service. Defining a security policy entails the process of defining the Truststore and Keystore. 

There can be two scenario wherein you may want to override the security policy:

Table of Contents
maxLevel3

A web service consumer with a security policy

To define a security policy at runtime, you need to define and override the Truststore and Keystore values dynamically. Adeptia Connect allows you to override the Truststore and Keystore values using context variables in a process flow.

The table below gives you an idea on how to use the context variables to override the values dynamically. 

Type

Type of overriding

Context variable name

TruststoreOverride by NameService.<PolicyName>.truststoreName

Override by Id and Typed IdService.<PolicyName>.truststoreId
KeystoreOverride by NameService.<PolicyName>.keystoreName

Override by Id and Typed IdService.<PolicyName>.keystoreId
Keystore AliasOverride by NameService.<PolicyName>.keystoreAlias


Note
  • If Service.<PolicyName>.trustStoreName context variable is defined and Truststore with that name is not found then it skips overriding the Truststore. The same holds true for Context variable Service.<PolicyName>.trustStoreId.
  • If Service.<PolicyName>.keyStoreName context variable is defined and Keystore with that name is not found then it skips overriding the Keystore. The same holds true for Context variable Service.<PolicyName>.keyStoreId
  • While overriding the Keystore, if Service.<PolicyName>.keyStoreAlias context variable is not defined then it uses the alias value as "Default". 

A web service consumer without any security policy

In case of using a web service without any security policy attached to it, you can reference an external Truststore and Keystore dynamically in a process flow by providing the path of the Truststore and Keystore in the respective context variables. The table below contains the names of the context variables to be used to achieve the purpose.

TypeContext variable name
TruststoretruststorePath
truststorePassword
truststoreType
KeystorekeystorePath
keystorePassword
keystorePrivateKeyPassword
keystoreType
keyStoreAlias




Panel
borderStylesolid
titleYou may be interested in...
What is new
Application architecture
Key terms
Install
Usage scenarios