Discussion:
SDI ISIM profile security
(too old to reply)
g***@gmail.com
2017-10-12 15:18:25 UTC
Permalink
Raw Message
Hi,

right now we are developing a new ISIM profile with SDI, but our client send us some new requirements.

1. The password must go encrypted(I know that SAMESSO profile develop on SDI do this process, but we wanted to know if this process is achieved through SDI).

2.What is the most secure way to consume a web service? right now we use a AxisEasyInvoke connector.

Regards,
g***@gmail.com
2017-10-12 15:38:15 UTC
Permalink
Raw Message
Another question that we have is, there's a way that use WS security on SDI?

Regards,
Franzw
2017-10-13 07:12:59 UTC
Permalink
Raw Message
Post by g***@gmail.com
Another question that we have is, there's a way that use WS security on SDI?
Regards,
You can use WS security - but there is no ootb WS security connector/FC available.

Most people will craft the XML using the DOM "dot/squarebracket syntax" (you should be able to find a very recent discussion about this in this very forum) and then combine this with a http connector in call/reply mode.

When doing this for an ISIM adapter you will most times have to wrap you calls for reconciliation in a script connector - so this is not for the fainthearted - but going through this exercise will increase you TDI knowledge a lot :-)

Another point is that WSSecurity includes encryption and signing of load - so you will need to know how to this in Java/JavaScript - here the golden TDI rule applies - look into the UserFunction class (aka System) in the APIDoc to see which helper methods there are availble. Also look into the APIDoc in general to see if there are any helper/utility classes to help you out...

HTH
Regards
Franz Wolfhagen

Franzw
2017-10-13 07:05:16 UTC
Permalink
Raw Message
Post by g***@gmail.com
Hi,
right now we are developing a new ISIM profile with SDI, but our client send us some new requirements.
1. The password must go encrypted(I know that SAMESSO profile develop on SDI do this process, but we wanted to know if this process is achieved through SDI).
2.What is the most secure way to consume a web service? right now we use a AxisEasyInvoke connector.
Regards,
Define "most secure way".

There is no such thing - security is not an absolute thing. You will need to protect your communication (e.g. ssl) and your TDI server. So you have to look into you options there.

TDI is basically a JAVA application - so you will need to understand how this works with the different keystore files and encryption options.

Without that understanding you cannot judge anything about the level of security.

HTH
Regards
Franz Wolfhagen
Loading...