A webMethods Integration Server (IS) service is a user-defined Integration Server flow service that you can invoke in:
Request Processing steps, to preprocess the request message before it is submitted to the native service.
Response Processing steps, to preprocess the response message from the native service before it is returned to the consuming application.
A webMethods IS service must be running on the same Integration Server as webMethods Mediator. It can call out a C++ or Java or .NET function. It can also call other Integration Server services to manipulate the SOAP message.
The input pipeline for a webMethods IS service should have the following input variables:
proxy.name: This is the name of the virtualized service.
SOAPEnvelope: Contains the SOAP envelope. This is of the Java type org.apache.axiom.soap.SOAPEnvelope.
EnvelopeString: Contains the SOAP envelope as a string.
Limitation: EnvelopeString will not be sent to IS services if a request uses the "MTOM" SOAP Optimization Method and if the Integration Server property watt.server.SOAP.MTOMStreaming.enable is set to true.
MessageContext: Mediator will automatically place a MessageContext variable into the pipeline before executing the webMethods IS service call. MessageContext is of the Java type org.apache.axis2.context.MessageContext.
Integration Server users can use the Axis2 MessageContext object to manipulate the incoming SOAP request. The Integration Server provides built-in services (i.e., the pub.soap.* services) to work with the MessageContext object to get/set/modify the SOAP body, header, properties, etc. Integration Server users should use these services to extract the information they need from the MessageContext to build the necessary business logic. Users do not need to understand Axis2 or Axiom (the xml object model based on StAX) to work with the SOAP request, because if they are familiar with the Integration Server pub.soap services, they can accomplish most of the tasks. For more information about these related Integration Server services, see the webMethods Integration Server Built-In Services Reference.
JSONRESTContentString: Will appear only for REST services with the Content-Type application/json or application/json/badgerfish. For more information, see Multiple Root Nodes in JSON REST Services.
UpdatedJSONRESTContentString: Will appear only for REST services with the Content-Type application/json or application/json/badgerfish. For more information, see Multiple Root Nodes in JSON REST Services.
You can use the following constructs in a webMethods IS service:
Predefined or custom context variables. For more information, see Using Context Variables in Virtual Services.
The Security API provided by Mediator (for SOAP-based services only). For more information, see Using the Security API in webMethods IS Services.
Note:
This API is for SOAP-based services only.
Mediator provides Java services that you can use to support WS-Security functionality in a webMethods IS service that you invoke in the Request Processing step.
These services include the following:
Adds the WS-Username Token 1.0 and 1.1 to the request. This service includes the following input parameters:
Note:
For reasons of legibility some of the examples below contain break
lines and may not work when pasted into applications or command line tools.
| Parameter | Data Type | Required? | Java Type | Description | Default Value |
|---|---|---|---|---|---|
| username | String | Yes | String | The value that will be added as the Username element in the token. | "" |
| MessageContext | Object | Yes |
org.apache. axis2.context. MessageContext |
Mediator will place a MessageContext variable into the pipeline before executing the webMethods IS service call. |
org.apache. axis2.context. MessageContextinstance |
| password | String | No | String | The password for the token; must be specified if the passwordType (see below) is specified as either TEXT or DIGEST. | "" |
| passwordType | String | No | String | Specifies how the password will be added in the
token. It takes 3 values:
|
NONE |
| addNonce | Boolean | No | Boolean | Specifies whether the Nonce element will be added to the token. | False |
| addCreated | Boolean | No | Boolean | Specifies whether the Created element will be added to the token | False |
| salt | byte[] | No | byte[] | The value for the /wsse11:UsernameToken/wsse:Salt element. Its value is a 128 bit number serialized as xs:base64Binary. | null |
| iteration | int | No | Integer | Indicates the number of times the hashing operation is repeated when deriving the key. It is expressed as a xs:unsignedInteger value. If it is not present, a value of 1000 is used for the iteration count. | 1000 |
| useMac | Boolean | No | Boolean | Indicates if the derived key will be used as a Message Authentication Code (MAC) or as a symmetric key for encryption. | False |
| useBasic AuthCredentials | Boolean | No | Boolean | If this parameter is set to True, Mediator will try to use the username and password from the “Authorization” HTTP header. In this case the ‘username’ and ‘password’ fields need not be specified. | False |
| actor | String | No | String | Indicates the value of the SOAP actor attribute if a new security header is being added to the SOAP request. If the request already has a security header with the actor specified in it, then this value will not overwrite it. | "" |
| mustUnderstand | Boolean | No | Boolean | Specifies whether the security header will have the mustUnderstand attribute set to 0 or 1 (false / true). If the security header already has this attribute set, then this value will not overwrite it. | False |
Adds a X.509 certificate (or certificate chain) as a BinarySecurityToken (BST) element in the outbound SOAP request. This service includes the following input parameters:
Note:
For reasons of legibility some of the examples below contain break
lines and may not work when pasted into applications or command line tools.
| Parameter | Data Type | Required? | Java Type | Description | Default Value |
|---|---|---|---|---|---|
| MessageContext | Object | Yes |
org.apache. axis2.context. MessageContext |
Mediator will place a MessageContext variable into the pipeline before executing the webMethods IS service call. |
org.apache. axis2.context. MessageContextinstance |
| keystoreFile | String | Yes | String | The absolute path to a keystore file on the system where Mediator is running . | "" |
| keystorePassword | String | Yes | String | The password for the keystore. | "" |
| keystoreType | String | No | String | The type of keystore represented by the file (can be JKS, JCEKS or PKCS12). | JKS |
| keyAlias | String | Yes | String | The key alias whose X509 certificate will be sent in the soap request as a BST. | "" |
| useCertificatePath | Boolean | No | Boolean | If set to true will use the entire certificate chain represented by the key alias instead of just a single certificate; default is false. | False |
| actor | String | No | String | Indicates the value of the SOAP actor attribute if a new security header is being added to the SOAP request. If the request already has a security header with the actor specified in it, then this value will not overwrite it. | "" |
| mustUnderstand | Boolean | No | Boolean | Specifies whether the security header will have the mustUnderstand attribute set to 0 or 1 (false / true). If the security header already has this attribute set, then this value will not overwrite it. | False |
This service enables a Security Token Service (STS) client to send a WS-Trust request to a configured STS to obtain a SAML v1/v2 assertion. For the details about configuring Mediator to act as an STS client, see the section Configuring Mediator in the document Administering webMethods Mediator.
This service adds the obtained SAML assertion to the original request that is sent by the client to the native service, and includes the following parameters.
Note:
For reasons of legibility some of the examples below contain break
lines and may not work when pasted into applications or command line tools.
| Parameter | Data Type | Required? | Java Type | Description | Default Value |
|---|---|---|---|---|---|
| ConfigName | String | Yes | String | References a previously configured STS configuration name. | "" |
| MessageContext | Object | Yes |
org.apache. axis2.context. MessageContext |
Mediator will place a MessageContext variable into the pipeline before executing the webMethods IS service call. |
org.apache. axis2.context. MessageContextinstance |
| addTimeStamp | Boolean | No | Boolean | Adds a Timestamp element (with the duration specified in timeToLive) to the WS-Security header of the request, and includes it in the signature. (The other items that are signed are the body and SAML assertion.) | False |
| timeToLive | Integer | No | Integer | If addTimeStamp is true, timeToLive specifies the duration (in seconds) for which the request is valid. | 300 seconds (5 minutes) |
| actor | String | No | String | Indicates the value of the SOAP actor attribute if a new security header is being added to the SOAP request. If the request already has a security header with the actor specified in it, then this value will not overwrite it. | "" |
| mustUnderstand | Boolean | No | Boolean | Specifies whether the security header will have the mustUnderstand attribute set to 0 or 1 (false / true). If the security header already has this attribute set, then this value will not overwrite it. | False |
Example of using AddSamlSenderVouchesToken
The sample service shown below is configured by providing the
MessageContext and ConfigName
parameters. The value of ConfigName must be the name of
a previously configured STS name, which is configured on the Mediator
Configuration page.
Adds a timestamp to the outbound SOAP request WS-Security header. This service includes the following input parameters:
Note:
For reasons of legibility some of the examples below contain break
lines and may not work when pasted into applications or command line tools.
| Parameter | Data Type | Required? | Java Type | Description | Default Value |
|---|---|---|---|---|---|
| timeToLive | Integer | No | Integer | Specifies the duration (in seconds) for which the request is valid. | 300 seconds (5 minutes) |
| signTimestamp | Boolean | No | Boolean | Indicates whether the generated timestamp must
be signed by Mediator using the configured keystore and signing alias.
Note: |
False |
| useMilliSecondPrecision | Boolean | No | Boolean | Indicates whether the generated timestamp must have millisecond precision. | True |
| MessageContext | Object | Yes |
org.apache. axis2.context. MessageContext |
Mediator will place a MessageContext variable into the pipeline before executing the webMethods IS service call. |
org.apache. axis2.context. MessageContextinstance |
| actor | String | No | String | Indicates the value of the SOAP actor attribute if a new security header is being added to the SOAP request. If the request already has a security header with the actor specified in it, then this value will not overwrite it. | "" |
| mustUnderstand | Boolean | No | Boolean | Specifies whether the security header will have the mustUnderstand attribute set to 0 or 1 (false / true). If the security header already has this attribute set, then this value will not overwrite it. | False |
Adds WS-Addressing headers to a SOAP request sent by the client before Mediator forwards the request to the native service.
This service includes the following input parameters:
Note:
For reasons of legibility some of the examples below contain break
lines and may not work when pasted into applications or command line tools.
| Parameter | Data Type | Required? | Java Type | Description | Default Value |
|---|---|---|---|---|---|
| isVersionSubmission | Boolean | No | Boolean | The WS-Addressing version that should be used.
|
False |
| To | String | No | String | This value corresponds to the
/wsa:To addressing header. You must specify a
value that corresponds to the destination of the request message. If this value
is not specified, then depending on the
isVersionSubmission property value, one of the
following anonymous EPR values will be sent:
If http://schemas.xmlsoap.org/ ws/2004/08/addressing/role/ anonymous If http://www.w3.org/ 2005/08/addressing/ anonymous |
|
| From | String | No | String | This value corresponds to the
/wsa:From addressing header and refers to the
source of the message.
|
"" |
| Action | String | No | String | This value corresponds to the
/wsa:Action addressing header. By default, this
property has the same value as the operation on the virtualized service being invoked
(which will usually correspond to the same operation on the native service).
But the user can specify a different value corresponding to the native service
being called.
|
URI identifying input operation corresponding to a WSDL port type being called on the virtualized service. |
| MessageContext | Object | Yes |
org.apache. axis2.context. MessageContext |
Mediator will place a MessageContext variable into the pipeline before executing the webMethods IS service call. |
org.apache. axis2.context. MessageContextinstance |
| actor | String | No | String | Indicates the value of the SOAP actor attribute if a new security header is being added to the SOAP request. If the request already has a security header with the actor specified in it, then this value will not overwrite it. | "" |
| mustUnderstand | Boolean | No | Boolean | Specifies whether the security header will have the mustUnderstand attribute set to 0 or 1 (false / true). If the security header already has this attribute set, then this value will not overwrite it. | False |
Example of using AddWSAddressingHeaders
The sample service shown below is configured by providing the
MessageContext parameter.
