RSS

Monthly Archives: December 2012

Unit Testing for C#.Net (Nunit)


You can download sample C# project here

 
Leave a comment

Posted by on December 20, 2012 in C#, Other, unit testing with C#

 

Tags:

Invoke secured service(Sign and encrypt) from SoapUI 4.0.0


Here we are using the WSO2ESB 4.0.3 and SoapUI 4.0.0

First of all you have to start the ESB and secure the “echo” service as follows

1. Click on the “List” button under “Web Service” menu and Select the “Unsecured” button to Secure the service in front of “echo” service

esb1

2. Now select “yes” from drop down and selected the policy number “5” and click Next

esb2

3. Select the “Trusted key store” and “Private key store” click Finish

esb3

4. You can see the message “Security applied successfully

esb4

Configuration part in ESB side is finished. What we have to do now is Invoke the secured service through the SoapUI

1. Open the SoapUI and go to “New SoapUI project” and give the service endpoint url with wsdl

ex/ endpoint url – http://localhost:8280/services/echo?wsdl

you can easily take the endpoint url by click on the service

esb5

Place the endpoint url with wsdl and create SoapUI project

so1

2. Click on the created project and select “Show Project View

so2

3. go to “WS-Security Configurations

so3

4. Select “Keystores / Certificates

so4

5. Add new keystore – select the “wso2carbon.jks” that you select to secure the service (you can easily find this here ${ESB_HOME}/repository/resources/security)

so5

so6

so7

6. Set Default Alias as “wso2carbon” and Alias Password as “wso2carbon

so8

7. Select tab “Incoming WS-Security Configuration

so9

Add new record name as “incoming-security

so10

Select Signature keystore as “wso2carbon.jks” and set password as “wso2carbon

so11

8. Select tab “Outgoing WS-Security Configuration

so12

Add new record name as “outgoing-security

so13

so14

Set Alias name as “wso2carbon” and password as “wso2carbon

so15

9. Add new WS Entry “TimeStamp

so16

so17

Set value as “300000

so18

9. Add another WS Entry “Signature

Keystore : wso2carbon.jks
Alias : wso2carbon
Password : wso2carbon
Key Identifier type : Binary Security Token
Signature Algorithm : http://www.w3.org/2000/09/xmldsig#rsa-sha1
Signature Canonicalization : http://www.w3.org/2001/10/xml-exc-c14n#
Digest Algorithm : sha1
Use Single certificate : true

Parts – Add a new sign part for SOAP body. For that use the following values

ID – [keep it as blank]
Name – Body
Namespace – http://www.w3.org/2003/05/soap-envelope
Encode – Content

so19

9. Add another WS Entry “Encryption

so20
Keystore : wso2carbon.jks
Alias : wso2carbon
Password : wso2carbon
Key Identifier type : Binary Security Token
Symmetric Encoding Algorithm : <Default>
Key Encryption Algorithm : <Default>
Encryption Canonicalization : <Default>
Create Encrypted Key : true
Parts – Add a new Encryption part

ID – [keep it as blank]
Name – Body
Namespace – http://www.w3.org/2003/05/soap-envelope
Encode – Content

so24

10. Save the SoapUI project and select the one of function under soap12Binding and go to request

Select “Aut” and Set the  “Outgoing WSS” and “Incoming WSS

so23

11. Invoke the service with the required parameters

so25

 
1 Comment

Posted by on December 19, 2012 in Enterprise Service Bus, java, wso2

 

Tags: ,

How to do the Unit Testing in JAVA – Useful for Beginners


 
Leave a comment

Posted by on December 19, 2012 in java

 

Tags: ,

How to Invoke the “echo service” secured with Kerberos in WSO2 ESB


This is most useful sample to verify the echo service secured with “kerberos”

First you have to download the WSO2-ESB 4.5.0 and WSO2-IS 4.0.0
In this example IS(Identity Server) act as KDC(key distribution center) so first of all we have to configure the IS

Open the bellow mentioned files and do the required changes

1. $IS_HOME/repository/conf/embedded-ldap.xml

Download Sample embedded-ldap.xml here
under <KDCServer> and  make the property “enable” = true as follows
<Property name=”enabled”>true</Property>

add this property under <KDCServer>
<Property name=”preAuthenticationTimeStampEnabled”>false</Property>

2. $IS_HOME/repository/conf/user-mgt.xml

Download Sample user-mgt.xml here
under <ApacheDSUserStoreManager>
<Property name=”kdcEnabled”>true</Property>

3. $IS_HOME/repository/conf/security/krb5.conf

Download Sample krb5.conf here

[libdefaults]
default_realm = WSO2.ORG
default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
default_tgs_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
permitted_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
allow_weak_crypto = true

[realms]
WSO2.ORG = {
kdc = 127.0.0.1:8000
}

[domain_realm]
.wso2.org = WSO2.ORG
wso2.org = WSO2.ORG

[login]
krb4_convert = true
krb4_get_tickets = false

4. $IS_HOME/repository/conf/security/jaas.conf

Download Sample jaas.conf here

Server {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=false
storeKey=true
useTicketCache=false
isInitiator=false
principal=”esb/localhost@WSO2.ORG“;
};

Client {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=false;
};

Now IS is configured successfully
Go to $IS_HOME/bin and run the wso2serever.sh

If IS configured properly, when your stating the IS you can see this log in command line
“[2012-12-13 14:40:32,426] INFO {org.apache.directory.server.kerberos.kdc.KdcServer} – Kerberos service started.”

Now you have to create the Server principle that we mention in “jass.conf”

Login to IS buy using username – “admin” password -“admin” and go to configure->Service Principle and create   It

is

Register the Server Principle
Service Name : esb/localhost
Description : Test
Password : dinuka
Re Password : dinuka

Next we have to create Client Principle that means “User”

Username : dinuka
Password : dinuka
User Role : admin
is

Lets move to configure the ESB

First go to $ESB_HOME/repository/conf/security/
and place the same krb5.conf and jaas.conf files in $IS_HOME/repository/conf/security/

Open $IS_HOME/repository/conf/carbon.xml and change the offset 0 to 1 and start the ESB
Download sample carbon.xml here

Go to ESB and secure the “echo” service with kerboros

is1

Service Principle Name : esb/localhost
Service Principle Password : dinuka

is2

We are done with the configuration now we have to invoke the echo service so you can download the Java Client from here

You have to set the project dependencies for above client so point the all jars in $ESB_HOME/repository/components/plugins 

If you change username and password at the configuration time you have to make those changes on the above client also Go to policy.xml in the above client and change the following details according to your setting

<rampart:property name=”client.principal.name”>dinuka</rampart:property>
<!– Authenticating user password –>
<rampart:property name=”client.principal.password”>dinuka</rampart:property>
<!– To which service client needs to talk to –>
<rampart:property name=”service.principal.name”>esb/localhost@WSO2.ORG</rampart:property>

Finally change the ECHO_SERVICE_EPR  relevant to the your ESB and run the KerberosClient.java

Results should be

Calling Echo service with parameter – Hello World
Response : <ns:echoStringResponse xmlns:ns=”http://echo.services.core.carbon.wso2.org”><return>Hello World</return></ns:echoStringResponse>

 
1 Comment

Posted by on December 13, 2012 in Enterprise Service Bus, Identity Server, java, wso2

 
 
%d bloggers like this: