Secure WSO2 Data Services with Basic Auth

Mahesh Chinthaka
May 13, 2019

In this article I'm going to describe how to add Basic Auth authentication to a WSO2 Data Service.

We will be using WSO2 Developer Studio (EI Tooling) for this task.

I have the following project in my EI Tooling (Developer Studio), with a data service called test.dbs.

project view

When I deploy it, it looks like below: unsecured.

unsecured dataservice

Now we are going to create a WS-Policy to secure the data service.

Create WS-Policy

01. Right-click on your Registry project.

02. Add new -> Registry Resource -> From existing Template

03. Select WS-Policy from templates, give the resource a name and a registry path to save.

adding new ws-policy to registry project

Configure newly created WS-Policy

01. Open the policy you’ve just created (double-click on it). You should see something like below.

Policy editor in Developer Studio

02. Select UsernameToken and click on the ‘User Roles’ button.

03. Add the user roles that you are planning to give access to the data service. You can either add comma-separated values or retrieve existing roles from the server by ticking “Get Roles from Server” and providing the URL and credentials of the server. Click OK once you have finished adding roles.

Add Policy to the Data Service

Add the following lines to enable security and point to the registry path of the WS-Policy deployed in the registry. They have to be added just before the closing </data> tag.

<policy key="conf:security/DataService_secure_policy.xml"/><enableSec/>

My data service .dbs file looks like below now.

Deploy WS-Policy

Add the WS-Policy to your CApp and deploy.
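Before building the CApp, a check like the following can confirm that a .dbs file really carries both elements described above as direct children of <data>. It is an added example, not part of the original article or of WSO2 tooling; the function names and the sample documents are constructed for illustration, and only <data>, <policy key=.../> and <enableSec/> are taken from the article.

```python
import xml.etree.ElementTree as ET

# Constructed samples: only <data>, <policy key=.../> and <enableSec/> come from
# the article; <config> is an abbreviated placeholder for the rest of the file.
SECURED = """<data name="test">
  <config id="default"/>
  <policy key="conf:security/DataService_secure_policy.xml"/>
  <enableSec/>
</data>"""

UNSECURED = """<data name="test">
  <config id="default"/>
</data>"""

POLICY_ONLY = """<data name="test">
  <policy key=""/>
</data>"""


def local(tag):
    """Strip an XML namespace prefix such as '{ns}policy' -> 'policy'."""
    return tag.rsplit("}", 1)[-1]


def audit_dbs(xml_text):
    """Return a list of findings; an empty list means security is enabled."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if local(root.tag) != "data":
        return [f"root element is <{local(root.tag)}>, expected <data>"]
    findings = []
    # Only direct children of <data> are checked, matching the article's placement.
    children = {local(c.tag): c for c in root}
    policy = children.get("policy")
    if policy is None:
        findings.append("missing <policy key=.../>")
    elif not policy.get("key", "").strip():
        findings.append("<policy> has an empty key")
    if "enableSec" not in children:
        findings.append("missing <enableSec/>")
    return findings


if __name__ == "__main__":
    for name, doc in [("secured", SECURED), ("unsecured", UNSECURED), ("policy-only", POLICY_ONLY)]:
        print(name, audit_dbs(doc) or "OK")
```

Run over every .dbs file in the project, a non-empty result flags a data service that would be deployed without the security policy.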

Now go to your management console and look at the data service. You should see that it's been secured.

Now if you open the Try It service, you will see that it asks for a username and password to invoke the data service.

If you are invoking it from another service, make sure you add the Authorization header with the value “Basic {base64 encoded username:password}” to your request.

Cheers!!!
