Thursday, October 15, 2015

Enable token based (username) security in wso2 ESB soap web service and access from SoapUI tool



SoapUI is an awesome tool to test and run web services.

Access token is the very basic level of securing web services.

With access token what we do is pass username and password through the service headers.

First we need a plain web service that has no security implementations. I take the basic echo service which comes with wso2 esb by default.

 


You can see by default echo service is not secured.

Go to the service and click on security icon,

 


Add token security as mentioned below,
 
 

Then give a user group. In here, you can use your own created user groups,

Then click finish.

Now you can see the service endpoint URL has changed to https mode,

 


That’s all. Now you have security enabled web service and let see how to access it from SoapUI,

Create new soap project using service wsdl url,
 



Click on an operation in the service,

 

If you try to access the service plain, you will get below response,
 
 

To overcome this, you need to enter credentials in request properties as mentioned below,
 
 
 
 

Now you can access the service without any problem,