Securing Mashups

The Mashup Server allows users to secure their mashups using WS-Security. All the complexities of WS-Security are hidden under the covers so that users can apply security scenarios of their mashups with ease. Once a security scenario is applied the corresponding WSDL of that mashup will display the WS-Security policy that has been engaged on that mashup. Hence consumers of this mashup will be able to consume your secured mashup by processing the information available in the WSDL.

Securing mashups deployed on the Mashup Server can be done by visiting the corresponding mashup page. If the user has already signed in he will see a link called "Configure Security Scenarios" in the configuration section on the mashup page (see image below). If the user has not set up his private key he will be redirected to the certificate manager page. Please refer the Keystore Management section for setting up private keys.

Applying Security Scenarios

The Security Scenarios page lists the security scenarios that can be applied to a mashup. The Mashup Server ships with 15 most commonly used security scenarios which can be applied onto a mashup by selecting the desired scenario and clicking "submit". By default the mashup is unsecured, which is listed as scenario 16.

Some of the security scenarios listed above will require the user to specify the users and roles that are authorized to access the service. These are the security scenarios that involve Username Token Authentication. When such a scenario is applied you will be prompt with a list of available users and roles.

Providing access to the "mashup_user" role would mean that any registered user in the Mashup Server will be able to access this service.

NOTE: The generated stub provides facilities to access mashups secured using "UsernameToken with Timestamp over HTTPS" while the WSRequest host object provides facilities to access any secured mashup.