Question

1
Replies
143
Views
EugeneR7 Member since 2013 30 posts
Deutsche Bank
Posted: 2 years ago
Last activity: 1 year 11 months ago
Closed

Grouping security settings across multiple connect-soap rules to single place

We interact with another application via soap services which have been imported into Pega (7.3.1) via provided wsdl. The wsdl contains a fairly large number of methods (100+) for various purposes, and through import, each selected method will create its relevant class structure and a method-specific Connect-SOAP rule.

We now have to lock down the services via various security measures and due to the nature of how Pega imports the methods, the work becomes significant, as each connect-soap rule must be individually configured.

Specifically, we can create a single WS Security Profile, but each Connect-SOAP rule will have to be modified. Or if we have to get a token and pass in header, we still have to configure each Connect-SOAP rule for additional header detail.

Are there any available options within our current version where we can make a change only once, and have this be applicable for all relevant Connect-SOAP rules? I've looked at InvokeAxis2 and pretty much the security detail comes from the security policy, but there isn't anything higher than that.

It is quite counter productive to have to enforce security for each method which ultimately hits the same endpoint.

Maybe as a feature request, it's possible to have something like a service package, but for connectors (like Connector Group) where you can define common attributes for a set of services (security policies, headers, etc)?

Low-Code App Development Data Integration
Moderation Team has archived post
Share this page LinkedIn