WSRP Security: Security WSRP Messages over wire in Weblogic Portal

Home > Weblogic Portal, Weblogic Server, WSRP > WSRP Security: Security WSRP Messages over wire in Weblogic Portal

WSRP Security: Security WSRP Messages over wire in Weblogic Portal

October 21, 2010 Vijay Leave a comment Go to comments

Usecases:

Provide Security for WSRP portlets so that only authenticated Consumers can access the exposed portlets
Provide transport layer security for WSRP messages so that SOAP Messages between WSRP Producer and WSRP consumer are encrypted

For #1, The user identity can be acheived in two ways in Weblogic Portal 10.3.2

SAML Tokens (default) link
User Name Tokens link

For #2, Open up, WEB-INF/wsrp-producer-config.xml inside Producer’s application and change secure attribute to true. After changes, it should look like below:

<markup secure="true" rewrite-urls="true" transport="string" accepts-mime="false"
return-markup-during-interaction="true"
isolate-session-cookies-for-local-consumer="false"/>

A packet sniffing tool like TCPMonitor can be used to verify this configuration.

keywords: Weblogic Portal 10.3.2 (11g), WSRP Producer, WSRP Consumer

Comments (0) Trackbacks (0) Leave a comment Trackback

No comments yet.

No trackbacks yet.

Vijay's Blog

WSRP Security: Security WSRP Messages over wire in Weblogic Portal

Leave a comment Cancel reply

Archives

Categories

Recent Posts

Blog Stats

Meta

Email Subscription

Vijay's Blog

WSRP Security: Security WSRP Messages over wire in Weblogic Portal

Share this:

Related

Leave a comment Cancel reply

Archives

Categories

Recent Posts

Blog Stats

Meta

Email Subscription