> > Hello Everyone, > I'm working on a project with several web services distributed around > Europe. The information provided by them is very sensitive, so they (the > Web Services) cannot be accessed by non-authenticated and non > -authorized users. To fill this lack, we have secured our Web Services > using WSO2 (http://wso2.org/). We are using WSO2 WSAS (Web Services > Application Server) to deploy and secure the Web Services with Username > Token authentication and all communications are made under HTTPS. > > Right now, we need to make several workflows on Taverna using our > secured Web Services. However, as far as I know, Taverna does not > support consuming secured Web Services. Is there any way to access > Secured Web Services using Taverna? > Partially true. There is a component in Taverna (called WSDLActivity) that connects to an arbitrary WS. As long as the service is not secured or is simply using https for confidentiality protection and the WS's certificate is signed by one of the 'standard' CAs that come with the Java truststore - it will all work out of the box. However, problems start when WSs start to define their authentication requirements, such as username and password token like your WS and if the WS's certificate is signed by some non-standard CA. Some time ago, we tried to define security configuration option that will let you configure WSDLActivity to use a specific security configuration on the client side - we've abandoned this as it got too complicated with many different options and combinations but we did make it to work with username and password token authentication. > I have already developed a Java Application to consume the Web Services, > so it is possible to consume them programmatically. To do so, the > program uses Apache Rampart to authenticate on the Web Service. > > It is possible to make a Taverna Plug-in to solve my issue? There are > some examples or/and tutorials? > It is possible to do - you would have to create an extension to the WSDLActivity mentioned above and add the security bits yourself - I suppose you have some kind of a client-config.wsdd file that configures the security on the client side? All it would require is to set this configuration on the axis Call before you invoke the service and all the security handlers to do that (unless you are using standards ones). The WSDLActivity will do the SOAP message assembly for you. This is what we wanted to avoid - for every WS that requires some kind of security to have to create a special extension to the WSDLActivity - we wanted to be able to configure it to cope with various security scenarios. Perhaps we will revisit this again in the future.
Unfortunately, there are no tutorials. I suggest you have a look at WSDLActivity - that's your best starting point. Taverna source code is here: https://taverna.googlecode.com/svn/ and WSDLActivity can be found under engine/net.sf.taverna.t2.activities/wsdl-activity You can browse it directly at: http://code.google.com/p/taverna/source/browse/taverna#taverna/engine/net.sf.taverna.t2.activities/trunk/wsdl-activity%3Fstate%3Dclosed We have have also developed CaGridActivity plugin that does something similar - invokes a WS over https and uses username and password token authentication. It is not a clean extension of WSDLActivity as we had to do some tricks to include some special cagrid libraries but I believe it does what you need. And they have their special client-config.wsdd so you can have a look at how we've used it from inside the activity. And their WSs' certificates are signed by special CAs so we had to take care of that aspect of opening an https connection so that may be of interest to you as well. Source code for CaGridActivity can be found here: https://gforge.nci.nih.gov/svnroot/taverna-cagrid/trunk/cagrid-activity/ Cheers, Alex ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ taverna-users mailing list [email protected] [email protected] Web site: http://www.taverna.org.uk Mailing lists: http://www.taverna.org.uk/taverna-mailing-lists/
