tESBConsumer explain "Use Authentication"

One Star

tESBConsumer explain "Use Authentication"

Hi,
we created a Service an would like to know how to use the ESB Service Setting "Use Authentication"
What is the different between BASIC http, Username Token and SAML Token. There are no realy helpful things in the Documentation.
We have a service that needs username and password and we would like to connect to this Service with Talend ESB
( Do a proxy-Service) In the Studio, the BASIC-HTTP works, if we deploy our own Service to the Talend ESB-Server, it comes with the Message "Unsupported secutity value: BASIC". What is the right way to do it? Is there a Tutorlal for this?
I tried to connect with my own registered Username but this fails again.
Thanks
Uwe
One Star

Re: tESBConsumer explain "Use Authentication"

Hello Uwe,
What is the different between BASIC http, Username Token and SAML Token

indeed some prior knowledge about web service security is assumed, the documentation deals with using the features, not technical details. For for the start:
- BASIC - username and password is base64 encoded in the HTTP header, therefore it is bount to the transport level (HTTP).
- username token - you need to provide WS-Security compliant information (username and password / password digest) in the SOAP header
- SAML - you need to provide SAML ticket from an identity provider service

would like to know how to use the ESB Service Setting "Use Authentication"

for TESB you need to provide WS-Security compliant username / password (cleartext password here), all authenticated users against the Karaf container are authorized to invoke the service. From a client side - try to have a look at the WSS4J library (for the WSS4J interceptor).
A sample request with WSS Username token
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://litwinconsulting.com/webservices/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">test</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">UYMM7dQSmlfUZ8+0BB1RnQ==</wsse:Nonce>
<wsu:Created>2012-10-10T15:41:25.890Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<web:GetWeather>
<web:City>Paris</web:City>
</web:GetWeather>
</soapenv:Body>
</soapenv:Envelope>

Setting up SAML security is a little bit trickier, if you really want it, I advice you to download and read full TESB documentation, there's a PDF how to do it. But I believe for beginning the WS-Security with usename token could be sufficient.
There are more articles about the topic in this forum, try to search and hopefully you will find more.
Best regards
Gabriel