Thursday, April 19, 2012

Securing the last mile --> OEG and OSB Part 2

Now let’s get rid of the hard coding of user/pwd in OEG.

Open the "Secure" policy

Add 2 Retrieve from HTTP Header filters
userName -->
password --> authentication.subject.password

Now set the InsertWSS UsernameToken Filter we amended earlier, back to the following –

Deploy and Test

Add the following headers to the request in Service Explorer

No comments: