Using the AquaLogic Service Bus Console
This section includes the following topics:
Proxy service providers encapsulate all the PKI (Public Key Infrastructure) credentials used by one or more proxy services. Different PKI credentials (private-key/certificate pairs) for different purposes can be assigned to a proxy service provider. When you create a proxy service, you can specify a proxy service provider. If the proxy service needs PKI credentials, for example to open an HTTPS connection with client-certificate authentication, it gets the credentials from the proxy service provider. Multiple proxy services can use the same proxy service provider
A proxy service provider can have one or more of the following credentials:
A proxy service uses this key-pair to authenticate when acting as a client during an outbound TLS/SSL (Secure Sockets Layer) connection; that is, when routing a message to an HTTPS service that requires client-certificate authentication.
This key-pair is used with Web service security when a proxy service is required (by WS-Policy) to sign one or more parts of a SOAP envelope. Digital signature provides message integrity.
This key-pair is used with Web service security when a proxy service requires encryption (via its WS-Policy). This X.509 certificate is automatically embedded into the WSDL dynamically generated when fetching the proxy service's "?WSDL" URL. Clients use this certificate to encrypt message intended for the proxy service. The proxy service uses the private key to decrypt these messages. Encryption provides message confidentiality, and is required to include an X.509 authentication token.
To configure security for a proxy service, you first need to create a proxy service provider. After you commit your changes, you can associate PKI credentials with the proxy service provider using the Credentials section of the Security Configuration module. Newly created proxy service providers within a session are not visible to the Credentials section in the Console (and therefore cannot be assigned credentials) until the session is committed. To learn more, see Adding a Credential.
You can specify a proxy service provider for a specific proxy service in the Service Provider field on the Edit a Proxy Service - General Configuration page. To learn more, see Adding a Proxy Service.
Note: To learn more about security, see Securing Inbound and Outbound Messages in the BEA AquaLogic Service Bus User Guide.
The following table lists the Proxy Service Provider pages you can access from the Resource Browser and Project Explorer modules. The tasks and help topics associated with each are provided.
The Summary of Proxy Service Providers page enables you to view a list of proxy service providers. A proxy service provider supplies credential-level validation to proxy services. You use proxy service providers to manage security credentials for proxy services. To learn more, see Overview of Proxy Service Providers.
A unique name for the proxy service provider. The name is a link to the Proxy Service Provider Details page. To learn more, see Viewing and Changing Proxy Service Provider Details. |
|
The path is the project name and the name of the folder in which the proxy service provider resides. It is a link to the project or folder that contains this resource. To learn more, see Viewing Project Details or Viewing Folder Details. |
|
Click the Delete icon to delete a specific proxy service provider. To learn more, see Deleting a Proxy Service Provider. |
Adding a Proxy Service Provider
The Create a New Proxy Service Provider page enables you to add a new proxy service provider. A proxy service provider supplies credentials to proxy services. You use a proxy service provider to manage and supply credentials to proxy services. To learn more, see Overview of Proxy Service Providers.
Note: Newly created proxy service providers within a session are not visible to the Credentials section in the Security Configuration module. Therefore, you cannot associate a new proxy service provider with PKI credentials until you click Activate to commit the session.
Note: Click the name of a folder to select it. The Folder View page is displayed.
Note: The new proxy service provider is saved in the current session. When you have finished making changes to this configuration, from the left navigation pane, click Activate under Change Center. The session ends and the configuration is deployed to run time. Alternatively, click Discard at any time during the session to delete the changes you have made so far in the current session.
Listing and Locating Proxy Service Providers
Viewing and Changing Proxy Service Provider Details
Deleting a Proxy Service Provider
The Proxy Service Provider Details page enables you to view and change details of a specific proxy service provider. A proxy service provider supplies credential-level validation to proxy services. You use proxy service providers to manage security credentials for proxy services. To learn more, see Overview of Proxy Service Providers.
The user who created this proxy service provider or imported it into the configuration. |
|
The date and time that the user created this proxy service provider or imported it into the configuration. |
|
The number of objects that this proxy service provider references. If such references exist, click the link to view a list of the objects. To learn more, see Viewing References. |
|
The number of objects that reference this proxy service provider. If such references exist, click the link to view a list of the objects. For example, if you selected this proxy service provider as the service provider for a specific proxy service, the proxy service is listed as a reference when you click the link.To learn more, see Viewing References. |
|
A description of this proxy service provider, if one exists. |
Note: The proxy service provider is updated in the current session. When you have finished making changes to this configuration, from the left navigation pane, click Activate under Change Center. The session ends and the configuration is deployed to run time. Alternatively, click Discard at any time during the session to delete the changes you have made so far in the current session.
Adding a Proxy Service Provider
Listing and Locating Proxy Service Providers
Deleting a Proxy Service Provider
The Summary of Proxy Service Providers page enables you to delete proxy service providers. A proxy service provider supplies credential-level validation to proxy services. You use proxy service providers to manage security credentials for proxy services. To learn more, see Overview of Proxy Service Providers.
Note: You cannot delete a resource if it is referenced by other resources in AquaLogic Service Bus. Instead of the Delete icon, a Delete icon with a red X is displayed for these resources.
Warning: Deleting a proxy service provider does not delete the associated PKI credentials. You must first delete the PKI credentials before deleting the proxy service provider.
The service provider is removed from the list.
Note: If necessary, you can undo the deletion of this resource. To learn more, see Undoing a Task.
The proxy service provider is deleted in the current session. When you have finished making changes to this configuration, from the left navigation pane, click Activate under Change Center. The session ends and the configuration is deployed to run time. Alternatively, click Discard at any time during the session to delete the changes you have made so far in the current session.
Adding a Proxy Service Provider