Securing the OSGi Service Layer
The following procedure describes the steps you must execute in order to secure the OSGi service layer of your Application Platform Java or web project.
To Secure the OSGi Service Layer of your
Application Platform project
1. In Designer, go to the Project Explorer or Package Explorer and right-click your project.
2. Create the required Java class to be published as an OSGi service.
For information about creating classes, see the Software AG Designer Online Help.
3. Add the @Service annotation to the class, created in step 2.
4. Add the @Secure annotation to the class, created in step 2.
5. Optional. To enable declarative security, add one of the following annotations, depending on your server:
For
My webMethods Server, add the
@DenyAll, the
@PermitAll, or the
@RolesAllowed annotation at the class or method level.
For
Integration Server, add the
@AclAllowed annotation at the class or method level to define an Access Control List (ACL) parameter.
6. Optional. To enable dynamic runtime security, associate the class, created in step 2 with the SecurityContext class.
For information about the SecurityContext class, see Getting Started with the webMethods Application Platform API.
7. Optional. If the project does not have a Bnd template:
a. Go to the Project Explorer or Package Explorer and select App Platform.
b. Click Create Bnd template.
8. Double-click the Bnd template file, located here: project_name/src/main/resources/OSGI-OPT/bnd.bnd.
9. Edit the bnd.bnd file by adding the following entry:
Require-Bundle:com.softwareag.applatform.pls.security
Note: This entry is a security bundle, which ensures that the SSO support can be enabled for this POJO service.
Important: If your Application Platform project was created in version 9.8 and you are using a custom MANIFEST.MF file instead of a bnd.bnd file, you must add the entry to the MANIFEST.MF file.
10. Optional. If you are configuring an Application Platform project created in version 9.9 or before, redeploy your project to a runtime, configured in a later release of Application Platform than version 9.9.