This sample uses XML decryption on the request and applies encryption on the response.
The sample policy includes a Main policy, which chains together
the calls that decrypt the request, the invocation of the back-end service, and the
encryption of the response.
Main Policy
The Main policy circuit is as follows:
The Main policy performs the following tasks:
-
Decrypt Request is a policy shortcut, which
invokes another policy that takes the inbound request and decrypts it.
- The decrypted request is routed to the back-end service.
- The Encrypt Response policy shortcut invokes
a policy that encrypts the response from the back-end service.
Decrypt Policy
The Decrypt policy circuit is as follows:
The Encrypt policy performs the following tasks:
- The decryption settings are defined: what to decrypt and which key to use.
- The XML decryption is executed based on the defined settings.
Encrypt Policy
The Encrypt policy circuit is as follows:
The Encrypt policy performs the following tasks:
- The encryption settings are defined: what to encrypt, which symmetric
key to use, which certificate to use, and how to encrypt (algorithm and where
to place the encryption information).
- The XML encryption is executed based on the defined settings.
Running the Encryption and Decryption Sample
You can call the sample service using the Send Request (sr ) command
or the Service Explorer GUI:
SR Command
Enter the following command:
| | |
|
sr -f GW_INSTALL/samples/SamplePolicies/Security/Encryption/Request.xml
http://localhost:8081/encryption
| |
| | |
|
For more details, see the topic on Stress Testing
with Send Request (SR).
Service Explorer
Perform the following steps:
- Specify the following URL in the Request Settings:
| | |
|
http://hostname:8081/encryption
| |
| | |
|
- Select
POST as the Verb.
- Click the Close button.
- Select File -> Load, and browse to
the following file as input for the request:
| | |
|
GW_INSTALL/samples/SamplePolicies/Security/Encryption/Request.xml
| |
| | |
|
- Click the Send Request button.
For more details, see the topic on Sending a Request
using Service Explorer.
|