ESB with Certificates and ADFS

Four Stars

Hello,

I am quite new with Talend ESB and have a task at work.

I need to design an architecture where ESB handles and secures the communication with certificates and authenticates the users with AD FS.

 

I hope I am clear enough.

Thank you for the replies.

 

Cheers.

Moderator

Re: ESB with Certificates and ADFS

Hello,

Could you please have a look at this document about: TalendHelpCenter: Security Token Service to see if it is what you are looking for?

Best regards

Sabrina

--
Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.
Employee

Re: ESB with Certificates and ADFS

Hello, 

 

Can you give us some additional details so we can help, please?

 

Do you need to use certificates for encryption, signature or authentication?

* Karaf provides native SSL support for encryption, on port 9001

(See the etc/org.ops4j.pax.web.cfg configuration file)

 

Regarding authentication, have you chosen a standard protocol (basic HTTP, SAML, OIDC, X509, ...)?

* Karaf and Talend services can be easily configured to use one of these and authenticate against an LDAP system with a simple JAAS class.

 

Let us know.

Thomas

Four Stars

Re: ESB with Certificates and ADFS

Hello,

Well, I thought that using the SAML protocol is enough to make it secure. If that is not the point, then I will have to use TLS certificates to make a connection secure and the SAML protocol for authentication.

 

Basic usage of the system will be:

- Getting a request from a user to ESB (secured with certificates or STS if that's enough)

- Check permissions and roles via AD FS with SAML

- Execute the request

 

Hope that's enough information.

Employee

Re: ESB with Certificates and ADFS

Ok, let's start with the certificate.

 

1 - Design a simple web service and make sure it is deployed on the runtime server and that you can request it on http port 8040.

2 - Import your certificate sent by a certified provider into a keystore

(See https://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Loading_Certificates_with_keytool -> Loading certificates with keytool)

3 - Update etc/org.ops4j.pax.web.cfg file to reference your keystore and set credentials to open it

(See https://ops4j1.jira.com/wiki/spaces/paxweb/pages/12059277/SSL+Configuration)

4 - Try to request your web service on https and port 9001

 

Let me know if it works.

Thomas
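
A pre-flight check for steps 2 to 4 above, as an added example that is not part of the thread or of Talend's documentation. The alias, file arguments, URL path and absolute keystore path are assumptions, and the property names are the ones Pax Web used in releases of the thread's era.

```shell
#!/bin/sh
# Added example, not from the thread. Alias, file names and URL path are placeholders.

# Step 2: import the CA-issued certificate into the keystore holding the private key
# (keytool prompts for the keystore password).
import_cert() {  # import_cert KEYSTORE ALIAS CERT_FILE
  keytool -importcert -trustcacerts -keystore "$1" -alias "$2" -file "$3"
}

# Print the value of KEY from a properties-style file (last assignment wins).
cfg_get() {  # cfg_get FILE KEY
  awk -F= -v k="$2" '
    { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
    NF > 1 && key == k { v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v); out = v }
    END { print out }' "$1"
}

# Step 3: confirm etc/org.ops4j.pax.web.cfg enables HTTPS on 9001 and points at a
# readable keystore. Assumes an absolute keystore path and the property names used
# by Pax Web releases of the thread's era; newer releases may name them differently.
check_pax_web_ssl() {  # check_pax_web_ssl CFG_FILE -> 0 when complete, 1 otherwise
  cfg="$1"; rc=0
  [ "$(cfg_get "$cfg" org.osgi.service.http.secure.enabled)" = "true" ] ||
    { echo "HTTPS connector not enabled"; rc=1; }
  [ "$(cfg_get "$cfg" org.osgi.service.http.port.secure)" = "9001" ] ||
    { echo "secure port differs from the 9001 used in step 4"; rc=1; }
  ks="$(cfg_get "$cfg" org.ops4j.pax.web.ssl.keystore)"
  [ -n "$ks" ] && [ -r "$ks" ] ||
    { echo "keystore missing or unreadable: $ks"; rc=1; }
  [ -n "$(cfg_get "$cfg" org.ops4j.pax.web.ssl.password)" ] ||
    { echo "keystore password not set"; rc=1; }
  [ -n "$(cfg_get "$cfg" org.ops4j.pax.web.ssl.keypassword)" ] ||
    { echo "key password not set"; rc=1; }
  return $rc
}

# Step 4: request the service over HTTPS, trusting only the given CA file;
# fails on TLS validation errors as well as on HTTP errors.
request_https() {  # request_https HOST URL_PATH CA_FILE
  curl --fail --silent --show-error --cacert "$3" "https://$1:9001/$2"
}
```

Source the file in the container directory, run `check_pax_web_ssl etc/org.ops4j.pax.web.cfg` after editing the configuration, and only then try `request_https`.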

Four Stars

Re: ESB with Certificates and ADFS

Thank you for the response.

 

The issue is I need to create a server certificate and user certificate, because I'm doing a demo Project to show my boss.

I have a simple Service, that says hello. I've researched a lot about SAML, STS, certificates. The problem comes when I try to implement it and nobody can help me because they don't know anything about this... I know it's a bit odd.

I've tried sending a token request via SOAPUI on Talend runtime and received a response.

But implementing everything in my service, so that it sends a token request and then takes the response and puts it in the header, is a mystery to me.

 

If you could help me with this I would really appreciate it.
