Vote count:
0
I have some backend services I want to be able to access via a browser, which have no security applied to them.
Using the WSO2 ESB I have created passthrough proxies, and in WSO2 IS I have set everything up for issuing tokens. When I setup the SAML Security policies on the proxies in the ESB, access to the backend services fails.
Looking in the logs I can see messages about missing wsse:Security headers, but why would these headers be present for a service accessed through a browser? Should the ESB not redirect to the IS upon realizing that the authentication data is missing, which then redirects back to the service at the ESB upon login?
My use case is: User tries to open esb service url, esb redirects browser to the IS SSO login page, IS redirects after login back to esb service, and service is then accessible (or not, depending on user role).
I've tried using many tutorials but none seem to match this exact use case. Furthermore the steps in those tutorials for similar cases do not work, and I keep coming back to this error of missing Security headers, without any kind of redirect to the IS.
Does the ESB actually support this kind of behavior, or does my client need to provide auth information no matter what?
Also, if the ESB does support this kind of behavior, how do I actually set it up?
Feel I may be missing something...
WSO2 ESB Secure Proxy with SSO via WSO2 IS redirect, for an Insecure Backend
Aucun commentaire:
Enregistrer un commentaire