WS-Security Tutorial

Applies to ReadyAPI 3.7, last modified on April 19, 2021

This tutorial explains how to add WS-Security (WSS) to your tests in ReadyAPI by using keystores and truststores. ReadyAPI manages WS-Security configurations at the project level, so these configurations can be used in different places of your project:

  • For outgoing requests and their responses.

  • For incoming requests to virtual APIs and for the responses sent by these APIs.

  • For monitored requests and responses in the SOAP Monitor.

Basic Configuration

  1. Switch to the APIs node and select Auth & Security > WSS Config on the toolbar.

    The WSS Configuration button

    Click the image to enlarge it.

  2. In the subsequent dialog, switch to the Keystore tab, click , and select the keystore file.

    The Add Keystore button

    Click the image to enlarge it.

  3. Enter the keystore password.

    Entering the keystore password

  4. Make sure the Status is OK. If it is not, make sure you have specified the correct keystore and password.

    The keystore status

    Click the image to enlarge it.

  5. Switch to the Outgoing WS-Security Configurations tab and click .

    The Add Outgoing Configuration button

    Click the image to enlarge it.

  6. Enter the name of the outgoing configuration and click OK.

    Naming the outgoing configuration

  7. Create a new WSS entry in the editor below.

    Adding the outgoing entry

    Click the image to enlarge it.

  8. Select Encryption from the drop-down menu and click OK.

    Creating the encryption entry

  9. Select the keystore and key alias to use and enter the password for that alias and click OK.

    Configuring the encryption entry

    Click the image to enlarge it.

  10. Open the SOAP request you want to apply the encryption to and expand the Auth panel.

  11. Click Add Authorization Profile and add a Basic authorization.

    Adding authorization profile

    Click the image to enlarge it.

  12. In the Outgoing WSS drop-down list, select the WS-Security you have added.

    Adding the outgoing configuration to the request

    Click the image to enlarge it.

  13. Finally, execute the SOAP request and click the Raw tab to verify that the encryption is added to the outgoing request.

    The raw request

    Click the image to enlarge it.

Alternative: Adding an Outgoing Configuration Explicitly

As an alternative to using the Auth tab, you can right-click in the XML editor and select Outgoing WSS in the drop-down list. This will generate an outgoing WSS and add it to the current XML message.

Applying the outgoing WSS

When you receive a message with an associated WSS configuration, the results are shown in the WSS inspector. The inspector shows a list of processing results and the occurred errors:

The WSS inspector

Click the image to enlarge it.

See Also

About WS-Security
WS-Security Properties

Highlight search results