Page History
...
Out of box the Blueriq Runtime supports security on Blueriq as a Service. In Blueriq it is possible to create your own web services, either via REST or SOAP. In order to secure a BAAS a shortcut needs to be created for the BAAS project, more information about creating shortcuts can be found here. When a shortcut is created a new property needs to be added.
Code Block |
---|
blueriq.shortcut.ExampleShortcut.securityEnabled=true |
When adding this property to a BAAS shortcut the BAAS will be marked as secure. This means that the BAAS shortcut now enforces basic authentication. The WSDL endpoint of a SOAP webservice are still reachable even if a shortcut is marked as secure.
Example
When a shortcut is defined like this:
Code Block |
---|
blueriq.shortcut.Webservice.project=export-Webservice
blueriq.shortcut.Webservice.version=0.0-Trunk
blueriq.shortcut.Webservice.securityEnabled=true |
Since Blueriq R13 it is not needed to use 'securityEnabled' anymore for the shortcut, it will always be secured when there is a role set in studio.
For an example how to set a role on a process : Authorization algorithms. Setting a role is also possible on other Blueriq items like Flows, Services etc.
Security endpoints
These endpoints are secured when there is a role setThese endpoints are secured.
Code Block |
---|
REST: Runtime/server/rest/Webservice/** SOAP: webservices/aaas/Webservice/** |
...
Code Block |
---|
webservices/aaas/Webservice/aaas.wsdl |
Warning |
Blueriq only secures endpoints on startup! Newly created secure shortcuts while the Runtime is running are not registered. |