This document contains all the use cases related to the Petals-BC-SOAP component.
Use cases are ordered by their complexity, from the most simple to the most complex ones.
Simple Use Cases
Securing a service running into Petals using 2-Way SSL and WS-Security
This use case runs with the Petals BC SOAP 4.0.9+ |
The goal of this use-case is to show you that it is possible to mixed SSL and WS-Security to secure an internal endpoint as a webservice using several certificats:
- a transport certificate identifying the webservice client,
- a transport certificate to crypt the communication between the serveur and the client,
- a message certificate to sign the message sent by the client and to warranty its integrity,
- a message certificate to crypt the SOAP body content,
- a user name and a password to identify the user of the client,
- a time-stamp to avoid request re-injection.
So, it is needed to have the following key stores:
- a key store 'client': keystore-clt.jks (password: keystoreclt), containing:
- the private keys of the client,
- the public keys of the serveur
- a key store 'server': keystore-srv.jks (password: keystoresrv), containing:
- the private key used to crypt the SOAP body content,
- the public key of the client used to sign
- a specific key store 'ssl': keystore-srv-ssl.jks (password: keystoresrv), containing:
- the SSL private key of the server
- the SSL public key of the client
The private keys of the client (symetrically, public keys of the server) are:
- 'sslclt': the private key identifying the client at SSL level (2-way SSL), password: 'keystoreclt',
- 'wsseclt-sign': the private key to sign the message, password: 'keystoreclt'.
The private keys of the server (symetrically, public keys of the server) are:
- 'sslsrv': the private key to crypt the communication between the server and the client, password: 'pwsslsrv',
- 'wsseclt-crypt': the private key to crypt the message, password: 'keystoresrv'.
Complex Use Cases
These use cases involve several Petals components including the Petals-BC-SOAP component.
No content found for label(s) uc-soap. |