You are viewing the documentation for Blueriq 15. Documentation for other versions is available in our documentation directory.

Blueriq as a Service 

In Blueriq it is possible to create your own web services, either via REST or SOAP. Blueriq Runtime supports security on Blueriq as a Service out of the box by adding roles to the webservice definition. It is also necessary to use the 'securityEnabled' property on the shortcut, it will make sure that the endpoint itself will be secured.

Secured shortcuts

It's possible to secure BAA(R)Ses by providing a property to the shortcuts for the baa(r)s:

application.properties
blueriq.shortcut.<shortcut name>.securityEnabled = true

Adding a role to the webservice

To secure a webservice a role must be added to the baa(r)s service. There are two methods to add roles to the service, at the service definition or at the exposed flow which is started from the webservice.

Service definition

A role can be added at the soap/rest service definition.

Exposed flow

A role can be added at the exposed flow (which is started from the service definition). This can be useful if the flow is started from multiple contexts. Otherwise adding the role at the service definition is preferable over this option.

Security endpoints

These endpoints are secured when a role is set and the securityEnabled property is enabled for the shortcut.

REST: Runtime/server/rest/Webservice/Operation
SOAP: webservices/aaas/Webservice/Operation

The SOAP WSDL is not secured.

webservices/aaas/Webservice/aaas.wsdl