Page History
...
Out of box the Blueriq Runtime supports security on Blueriq as a Service. In Blueriq it is possible to create your own web services, either via REST or SOAP. In order to secure a BAAS a shortcut needs to be created for the BAAS project, more information about creating shortcuts can be found here. When a shortcut is created a new property needs to be added.
| Code Block |
|---|
blueriq.shortcut.ExampleShortcut.securityEnabled=true |
When adding this property to a BAAS shortcut the BAAS will be marked as secure. This means that the BAAS shortcut now enforces basic authentication. The WSDL endpoint of a SOAP webservice are still reachable even if a shortcut is marked as secure.
Example
When a shortcut is defined like this:
| Code Block |
|---|
blueriq.shortcut.Webservice.project=export-Webservice
blueriq.shortcut.Webservice.version=0.0-Trunk
blueriq.shortcut.Webservice.securityEnabled=true |
Since Blueriq R13 it is not needed to use 'securityEnabled' anymore for the shortcut, it will always be secured when there is a role set in studio.
For an example how to set a role on a process : Authorization algorithms. Setting a role is also possible on other Blueriq items like Flows, Services etc.
Security endpoints
These endpoints are secured when there is a role setThese endpoints are secured.
| Code Block |
|---|
REST: Runtime/server/rest/Webservice/** SOAP: webservices/aaas/Webservice/** |
...
| Code Block |
|---|
webservices/aaas/Webservice/aaas.wsdl |
| Warning |
| Blueriq only secures endpoints on startup! Newly created secure shortcuts while the Runtime is running are not registered. |
Overview
Content Tools