The Web Service (WS) profile enables you to define a web service. One profile defines one web service. To open the configuration dialog, click the Configuration button in the upper left part of the Image Modified Desktop window. Then select from select WS Profile from the menu.
Note |
---|
title | NoteAny restrictions on the WSDL format is ignored by the outgoing web service. |
---|
In the WS profile you specify a WSDL file that includes the following parts of a Web Service definition: XML Schema: Defines information about the service either directly or via an XSD-file WSDL: Communication relevant information Binding elements: Image Modified supports only SOAP bindings
The WS profile can include more than one WSDL file reference. The WS profile is loaded when you start a workflow that depends on it. Changes to the profile become effective when you restart the workflow. Saving a WS profile that is assigned with a WSDL file, maps data types that are specified in the WSDL Schema section as UDR types for the Image Modified workflow. For further information, see Web Service UDRs(3.0). When saving a Web Service (WS) profile, the profile is saved in the folder selected in the Save As dialog the Save As dialog with the name entered. When the WS profile is saved, a number of UDRs are generated. They are saved in a folder structure based on the WS profile name. If a user renames or moves the profile to a new folder, the UDR's folder structure is not automatically adjusted and saved along with the WS profile. Therefore it is important to make sure the WS profile is saved in the appropriate place with a suitable name. Note | title |
---|
Note!The name of the folder to which you save the WS profile or the WS profile name cannot include a dash (-). A dash in the folder or profile name invalidates the WS profile. |
Note |
---|
title | Note!If possible, avoid renaming. If you must rename the profile, it must be saved again in its new location, regenerating the UDRs there. For further information about viewing the UDR type structure, see Web Service UDRs(3.0). |
---|
The Web Service profile configuration contains four tabs: Configuration, WSDL Content, Security, and Advanced. Configuration TabThe Configuration tab has the sections: Create Configuration From, Service Port Definition, and Validation. Create Configuration FromThe Web Service (WS) profile configuration can either handle single WSDL files or several WSDL files, which all can be concatenated, using the concatenate WSDL file functionality. The WSDL file must be a valid XML and must adhere to the W3C specifications - see http://www.w3schools.com/xml/xml_elements.asp. It is recommended that you use a validation service, outside Image Modified, to check that the WSDL file is valid. Note | title |
---|
Note!The type any cannot be used in a WSDL file in Image Modified. The any type maps type maps to an org.w3c.dom.Element in java, which does not map to Ultra. |
Setting | Description |
---|
Single WSDL File | The Import WSDL button is used to browse for, and import, a selected WSDL file. If the WSDL file is linked to adherent xsd files, all included files must be stored in the same directory as the imported WSDL file. If present, they are imported at the same time as the WSDL file. If not, a validation error occurs. Basic validation of the WSDL file is performed before the file is imported. After the file is imported, the content of the WSDL file and adherent files are shown in the View WSDL Content tab. Full validation of the WSDL file is performed when the profile is saved. |
Warning |
---|
title | The Web DesktopIf using the Web Desktop it is not possible to upload WSDL files linked to xsd files. | title | NoteIf you configure the Web Service agents with any value that contradicts the WSDL file specifications, your configuration will override the WSDL file. |
| Import WSDL | Click to import the selected WSDL file. | Export WSDL | Exports the original WSDL file to a directory on the local workstation. | Concatenated WSDL Files | Used when parts of several WSDL files are required. The functionality is only useful if operations defined in bindings in several WSDL files shall be published at the same endpoint. | the Files list Add the Add File dialog The list of WSDL files are concatenated when the profile is saved. The concatenation functionality concatenates and arranges all operations defined in the WSDL binding element of several WSDL files so that the result is a valid WSDL file. |
Service Port DefinitionThe drop-down list consists of the service port definitions that are included in the WSDL file. Only one Only one service element per WSDL file is supported. Note |
---|
title | NoteIf the WSDL file consists of several concatenated files, only the first WSDL file service port is applicable. The Service Port Definition entries appear in the following format: XXX:YYY(ZZZ). XXX: Currently only SOAP ports are supported. YYY: The name of the port. ZZZ: The binding that the port is connected to.
|
---|
ValidationSelect the Enable Client Side WSDL Validation to switch on WSDL validation. WSDL Content TabThe View The View WSDL Content tab Content tab is used to display the content of imported files, both WSDL and adherent files. Setting | Description |
---|
WSDL Definition | When a WSDL file is successfully imported to the Web Service profile the WSDL filename is stated here. The View button opens a read-only view of the file contents. | Included Files | If the imported WSDL Definition contains references to other WSDL or xsd files included in the configuration, they are listed here. | View Selected | If one of the files in | the Included Files list the Included Files list is selected, this button opens a read-only view of its imported content. |
Security TabWeb Services can be secured by using various combinations of security configurations: Transport Level Security with the option of enabling a Timestamp. Transport Level Security with Web Service Security standard with the option of enabling a Timestamp. Transport Level Security with Username Token and/or Addressing with the option of enabling a Timestamp. Transport Level Security with Web Service Security standard combined with Username Token and/or Addressing with the option of enabling a Timestamp. Web Service Security standard with the option of enabling a Timestamp. Web Service Security standard with Username Token and/or Addressing with the option of enabling a Timestamp. Username Token and/or Addressing with the option of enabling a Timestamp.
To apply Transport Level Security, select the Enable Transport Security check box. The Web Service agents provide Web Service security by supporting XML-signature and encryption. A TimeStamp records the time of messages. Username Token uses authentication tokens and Addressing provides unique message IDs. Diameter Stack Agent ConfigurationSetting | Description |
---|
Enable Transport Security | Select this check box if you want to communicate with the web service using the transfer protocol HTTPS. If you want to use the the transfer protocol HTTP, leave the check box empty. | Security Profile |
Insert excerpt |
---|
Click Browse to select a security profile with certificate and configuration to use, if you prefer to use a secure connection. Refer to Security (3. | 2)Diameter Stack Agent Configuration(3.2) | nopanel | true |
---|
3) for more information. | Web Service Security Settings | Applicable whether you select Enable Transport Security or not. | Enable Web Service Security For This Profile | When selected, Web Service security is enabled. The check boxes under Web Service Security Settings and Username Token and Addressing are enabled for you to configure security settings. You must select other relevant check boxes and fill in applicable fields for Web Service Security to work. | Enable Encryption | Select to encrypt messages. If you select this option, you must complete the text boxes in the Web Service Security Settings dialog. | Enable Binary Security Token | When selected, messages will be signed and the public certificate will be sent in the Binary Security Token element in the header of the message. | Use request signing certificate | When selected, the public certificate sent in the Binary Security Token element will be used to encrypt the message back to the client. This option will be ignored in case of a Web Service client agent. | Enable Signing | When selected, messages will be signed. If you select this option, you must complete the text boxes in the Web Service Security Settings dialog. | Enable TimeStamp | Select to record the date and time of messages. | Username Token and Addressing | Select to | use Username use Username Token authentication. The other text boxes in the dialog are highlighted and must be completed. | Enable Username Token | Select to enable username token. | WS Token Username | Enter the WS token username. | WS Token Password | Enter the WS token password. | Enable WS Addressing | Select to Select to send messages with a unique ID. |
Advanced TabConfigure the advanced XML binding options in the Advanced tab. See See the text in the Properties field for further information about the XML binding options. Note | title |
---|
Note!If possible, avoid renaming. If you must rename the profile, it must be saved again in its new location, regenerating the UDRs there. For further information about viewing the UDR type structure, see Web Service UDRs 10.2.0. |
There is a set of standard menu items and buttons that are visible for all configurations and these are described in /wiki/spaces/MD/pages/3210150. Generate Keystore for Web Service SecurityThere are multiple ways to setup a server and client keystores, in general, both client and the server needs the public certificate to sign the messages. If the server host multiple clients it is not needed to import all clients' certificates in server keystore but then a Certificate Authority (CA) is needed. So in a multiple client scenario, the server imports the CA certificate and get its own certificate signed by the CA. All clients get their certificates signed by CA and import server public certificate in keystore. Normally this type of certificate is signed by a trusted CA. To generate server and client keystores, you need to follow the steps in the mentioned sequence: Setup a CA as mentioned in Setting Up a Certificate Authority(3.3) Generate the server keystore and certificate as mentioned in Creating Server Keystore and Certificate(3.3) Generate the client keystore and certificate as mentioned in Creating Client Keystore and Certificate(3.3).
The Web Service Profile for client and server need to select the Binary Security Token option. For the server, you also need to select the checkbox Use request signing certificate. After following the examples of setting up the keystores, the profile settings for the client should look like this: Profile settings for the client And the server settings should look like this:
Profile settings for the server |