Exposing WebService on Mule - web-services

I wanted expose an WebService on mule and its working.
My concern is that am not sure if this is the right approach to follow in exposing a webservice.
As I wanted to be able to view my Mule HTTP Inbound endpoint wsdl i.e
XXX:8084/HelloService?wsdl
, notice the actual service is running on port 8085.
<flow name="WS_In" doc:name="WS_In">
<http:inbound-endpoint address="http://localhost:8084/HelloService" exchange-pattern="request-response" doc:name="HTTP">
<cxf:proxy-service wsdlLocation="http://localhost:8085/HelloService?WSDL" payload="envelope" namespace="http://example.org/HelloService" service="Hello"/>
</http:inbound-endpoint>
<http:outbound-endpoint exchange-pattern="request-response" host="localhost" port="8085" doc:name="HTTP" path="test"/>
</flow>

So you're not exposing a service but just proxying it right?
Why not using the ready made pattern for that? See: http://www.mulesoft.org/documentation/display/current/Web+Service+Proxy+Pattern

Proxying web services is a very common practice used for different reasons like security or auditing. This pattern allows a short and easy configuration of such a proxy.
With this you can
Transform the SOAP envelope (body or header) to add or remove specific entries.
Rewrite remote WSDLs so they appear to bind to services inside a corporate firewall.
Mule has already defined these proxy transformers in various ways:
Ref: https://docs.mulesoft.com/mule-user-guide/v/3.7/web-service-proxy-pattern#wsdl-redirection

Related

Mulesoft: Expose web services/wsdl behind firewall

How to expose wsdl behind firewall?
Mule generated WSDL has endpoints to server where it runs but exposing it outside requires change of this endpoint.
Current workaround what we use is to use SOAPUI to export internal service wsdl, edit it in text editor substitute all internal addresses for external analogs, pack this wsdl and send it to the external consumer.
Is there better way to do so? Maybe some parameter to some component which generates the WSDL which defines the server name for endpoints?
UPDATE based on comments:
This is not general question about WSDL. This is Mulesoft related question. Mule generates WSDL automatically. Here is part what I'm interested in:
<port binding="tns:Hello_Binding" name="Hello_Port">
<soap:address>
location="http://mule.server.internal.local/SayHello/" />
</port>
It is generate because Mule server is at internal box mule.server.internal.local
But when this server is exposed externally it is "hosted" on external site service.mycompany.com, so WSDL should say
<port binding="tns:Hello_Binding" name="Hello_Port">
<soap:address>
location="http://service.mycompany.com/SayHello/" />
</port>
but Mule does not know about it and so WSDL is invalid.

How to Configure Spring MVC 4 to send and receive soap messages in two way SSL using Web Service Consumer?

I have tried to configure Spring MVC in two way SSL using Spring Ws to connect to third party but due to the lack of documentation I have decided to integrate my Spring MVC 4 Application with Web Service Consumer .I am a beginner in Web Service consumption.I would like to know how to configure my Spring MVC 4 application with web service consumer with annotation based configuration to achieve a Two way SSl communication with Third party and also encrypt my soap messages before it is sent to the https server ?If any links or sample code would be helpful.
Also if the WSDL is located in a a https link how do I generate the classes?
This question is huge. There is no a trivial solution
I can provide the steps and guide to the manual
1)Resolve CXF dependencies to include libraries in your project
Use maven, ivy or download. You need jax-ws and related
http://cxf.apache.org/docs/using-cxf-with-maven.html
2) Generate a Java client with wsdl2java to your wsdl
For example
wsdl2java -p com.mycompany.greeting Greeting.wsdl
http://cxf.apache.org/docs/wsdl-to-java.html
3) Create the jax-ws programmatically
wdsl2java have done the work for you
http://cxf.apache.org/docs/how-do-i-develop-a-client.html#HowdoIdevelopaclient?-JAX-WSProxy
HelloService service = new HelloService();
Hello helloClient = service.getHelloHttpPort();
String result = helloClient .sayHi("Joe");
Note: It is also possible configure with spring
4) Configure the authentication with client certificate
This is the hard step
http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport(includingSSLsupport)-ConfiguringSSLSupport
Define a conduit file with the reference to your certificate. This is an example
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
xmlns:sec="http://cxf.apache.org/configuration/security"
xsi:schemaLocation="http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<http-conf:conduit name="*.http-conduit">
<http-conf:tlsClientParameters disableCNCheck="true" secureSocketProtocol="TLS">
<sec:keyManagers keyPassword="password" >
<sec:keyStore type="pkcs12" password="password"
file="yourcertificate.p12" />
</sec:keyManagers> </http-conf:tlsClientParameters>
<http-conf:client Connection="Keep-Alive" MaxRetransmits="1" AllowChunking="false" />
</http-conf:conduit>
</beans>
If you prefer to do programmaticaly you can do
Client client = ClientProxy.getClient(helloClient);
HTTPConduit http = (HTTPConduit) client.getConduit();
//set the parameters in a similar way to file

Filter payload that passes to the transformer in Webservice Proxy pattern in Mule ESB

When using a web service proxy pattern in Mule, you have the ability to pass the message through 1 or more transformers. Is there anyway to avoid passing ?Wsdl gets or other messages filtered on Content-Type for example? My transformer is manipulating the XML payload prior to passing it off to the web service, but I've found my wsdl calls are also being processed by the transformer and failing.
I've put a check in my transformer code, but this doesn't seem like the right way to go about solving this.
if(message.getOriginalPayload().toString().endsWith("wsdl")||!(xmlString.startsWith("<") && xmlString.endsWith(">"))){return message; }
The Proxy config:
<pattern:web-service-proxy name="SR-Proxy"
doc:name="SR-Proxy"
transformer-refs="enrichPayloadWithSFSession"
wsdlFile="service/SR_Webservice.wsdl">
<http:inbound-endpoint exchange-pattern="request-response" host="${hostname}" port="${http.port}" path="service/SRProxy" doc:name="HTTP" />
<https:outbound-endpoint exchange-pattern="request-response" address="${sfdc.wsUrl}SR_Webservice" />
</pattern:web-service-proxy>
Use the http.query.string inbound message property to detect the ?wsdl request.
See http://www.mulesoft.org/documentation/display/current/HTTP+Transport+Reference#HTTPTransportReference-HTTPProperties for more information about the available inbound properties you can find in inbound HTTP messages.

How to make JAX-WS web service secure

I have got a simple 'Helloworld' JAX-WS service deployed in Jboss 5.1.0. It works fine and I am able to invoke my service from SoapUI client/ Java client.
Now I want to have the service secure(SSL enabled) and access using https protocol. I have done changes to my default\deploy\jbossweb.sar\server.xml file in Jboss
<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="8443" address="${jboss.bind.address}"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/ws.keystore"
keystorePass="install01" sslProtocol = "TLS" />
But when I try to do
https://machinename:8443/abc/webservice?wsdl
it does not work
any idea?
To make this happen, first, go through some materials those suggests how SSL works. The reason being, when you intends to enable the SSL, then there are rounds of talk that happens between the client and server. On the top of that, there are also terms which are very much specific to SSL. I suggest, go through articles first. Hope this helps.

How can I specify SSL certificate details for a remote WSDL which is only exposed through HTTPS with Mule ESB?

I want to create a proxy to a remote web service which exposes its WSDL only through HTTPS. I have the certificate details, an I get positive response when using SOAP UI.But I don't want to set JVM -D arguments for keystore & trustore and need Mule SOAP Server Proxy to define them.Below is the snippet which i am using for insecure access to the remote service.
<flow name="remoteProxy" doc:name="remoteProxy">
<http:inbound-endpoint address="http"
doc:name="HTTP" />
<cxf:proxy-service payload="envelope"
wsdlLocation="http://remoteserver.com/service/service26?wsdl" service="ServiceName"
namespace="http://remoteserver.com/provider/service/2012/" port="Port"
doc:name="SOAP">
</cxf:proxy-service>
<https:outbound-endpoint address="http://remoteserver.com/service/service26"
method="POST" doc:name="HTTPTo26"
exchange-pattern="request-response"/>
<cxf:proxy-client payload="envelope" doc:name="SOAP" />
</flow>
for compliance reasons I am not adding any specific details for WSDL and Endpoint. In above cxf:proxy-service wsdlLocation will be HTTPS instead of HTTP.
Configure the TLS parameters directly on your HTTPS connector configuration.
See: http://www.mulesoft.org/documentation/display/current/HTTPS+Transport+Reference#HTTPSTransportReference-HTTPSConnector