Reading Service Account Details in OSB using fn-bea:lookupBasicCredentials

In continuation to the last blog, we will see the second approach to read the credential details from a Service Account and pass these to target system. It is quite safe to use in OSB to save credentials and authentication.

• create a service account, select resource type as "Static" and update the credentials.
• create relevant proxy, biz services.
• Now create one dummy Xquery selecting target schema structure, which will read created service account and assign value to target xml elements, named as lookupPassword.xq in my case as below

declare namespace ns0 = "http://www.example.org/sayHello/";

declare namespace funcLookup = "http://tempuri.org/ServiceAccountlookup/Funclookup/";

declare namespace ns1 = "http://www.example.org/request/";

declare namespace xf = "http://tempuri.org/ServiceAccountlookup/lookupPasswrd/";

declare namespace con ="http://www.bea.com/wli/sb/services/security/config";

declare function funcLookup:getUserName($usernameVar as xs:string) as xs:string

{

  let $data := fn-bea:lookupBasicCredentials($usernameVar)

  return

    if (exists($data/con:username/text()))

    then $data/con:username/text()

    else ""

};

declare function funcLookup:getPassword($passwordVar as xs:string) as xs:string

{

  let $data := fn-bea:lookupBasicCredentials($passwordVar)

  return

    if (exists($data/con:password/text()))

    then $data/con:password/text()

    else "as"

};

declare function xf:lookupPasswrd($newOperation1 as element(ns1:NewOperation))

    as element(ns0:NewOperation) {

       

            {funcLookup:getUserName("ServiceAccountlookup/ServiceAccount")}

            {funcLookup:getPassword("ServiceAccountlookup/ServiceAccount")}

       

};

• Use the replace activity to assign output of above xq in $header variable.
• Deploy and run the test, here is the Result 

Reading XML/Xquery (Password) file in OSB

Some days back, I came across a case where I need to pass the Username/password to target system in header of soap message, which will authenticate the request. This authentication will be used in lots of OSB services so can't be hard coded in each service as it will be big maintenance task in case of credentials change.

I got two ways to achieve this, probably third will come soon where my colleague is working.

First : Store details in XML/Xquery file and use it while doing header transformation.

• Create a dummy xquery (.xq file) to save the details as below

declare namespace ns0 = "http://www.example.org/passwordDetail";

declare namespace xf = "http://tempuri.org/xmlLookup/passwordDetail/";

declare function xf:passwordDetail($password1 as element(ns0:password))

    as element(ns0:password) {

        sotiPassword

};

• Read this .xq and assign to a variable using Assign Activity.
• Use Replace activity to update header as below

• Deploy and see the result as below

I will explain the second approach in my next blog here.