Over a million developers have joined DZone.

Testing a Secured Mule ESB Web Service Proxy with SoapUI

· Java Zone

What every Java engineer should know about microservices: Reactive Microservices Architecture.  Brought to you in partnership with Lightbend.

A few weeks ago I received a mail with a request to look into an issue which I was pretty sure I had solved it before. Since I couldn’t find how I did it back then I decided to post it here for future reference. The situation is like this: a web service is proxied with Mule ESB and password protection is added to it by applying Spring Security. The configuration of the service looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml" xmlns:https="http://www.mulesoft.org/schema/mule/https"
	xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:spring="http://www.springframework.org/schema/beans" xmlns:http="http://www.mulesoft.org/schema/mule/http"
	xsi:schemaLocation="http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd
       http://www.mulesoft.org/schema/mule/https http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd 
       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
       http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/3.3/mule.xsd
       http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/3.3/mule-http.xsd
       http://www.mulesoft.org/schema/mule/pattern http://www.mulesoft.org/schema/mule/pattern/3.3/mule-pattern.xsd
       http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.3/mule-spring-security.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

			name="memory-dao" delegate-ref="authenticationManager" />

        <ss:authentication-manager alias="authenticationManager">
                <ss:user-service id="userService">
                    <ss:user name="pascal" password="alma" authorities="ROLE_ADMIN" />

    <http:connector name="NoSessionConnector">
        <service-overrides sessionHandler="org.mule.session.NullSessionHandler" />

    <pattern:web-service-proxy name="countries">
        <http:inbound-endpoint address="http://localhost:8080" exchange-pattern="request-response">
            <mule-ss:http-security-filter realm="mule-realm" />
        <http:outbound-endpoint address="http://www.webservicex.net/country.asmx" exchange-pattern="request-response" />
I think the code is quite straightforward. Every request coming in at 'http://localhost:8080' is forwarded to 'http://www.webservicex.net/country.asmx' after the subject has been authenticated against the ‘authentication-provider’.

To test this setup I created a SoapUI project. Also this is quite straightforward but I show it here anyway. I use SoapUI 4.5.1.

  • Create a new SoapUI project
  • Screen Shot 2013-01-19 at 09.13.10

  • Enter a name and the WSDL of the service
  • Screen Shot 2013-01-19 at 09.14.02

  • Test the service by making a call
  • Screen Shot 2013-01-19 at 09.18.05

  • Use the web service proxy
  • Screen Shot 2013-01-19 at 13.25.23

  • Supply username and password
  • Screen Shot 2013-01-19 at 13.47.25

Until here it is all straightforward except for the result in the last call!
Screen Shot 2013-01-19 at 14.00.54
It seems that the username and password is not supplied in the call to the proxy. This is a setting in SoapUI that you have to enable. It is ‘hidden’ in the ‘Preferences’ of the tool. You have to enable the setting like this:
Screen Shot 2012-12-24 at 14.25.44
While testing this code for the post I also had to uncheck the following option to get a ‘human-readable’ response in SoapUI:
Screen Shot 2012-12-24 at 21.42.49
Now if you send a request you get the expected answer:
Screen Shot 2013-01-19 at 13.54.47

Microservices for Java, explained. Revitalize your legacy systems (and your career) with Reactive Microservices Architecture, a free O'Reilly book. Brought to you in partnership with Lightbend.


Published at DZone with permission of Pascal Alma, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}