Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us to spark ideas for how to put the latest capabilities into action. Register here!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable
‎2017-11-24 03:09 AM

ESB with Certificates and ADFS

Hello,

I am quite new with Talend ESB and have a task at work.

I need to design an architecture where ESB handles and secures the communication with certificates and authenticates the users with AD FS.

 

I hope i am clear enough.

Thank you for the replays.

 

Cheers.

Labels (2)
Labels
382 Views
0 Likes
5 Replies
Anonymous
Not applicable
‎2017-11-30 10:19 PM
Author

Hello,

Could you please have a look at this document about:TalendHelpCenter: Security Token Service to see if it is what you are looking for?

Best regards

Sabrina

382 Views
0 Likes
Anonymous
Not applicable
‎2017-12-11 04:08 AM
Author

Hello, 

 

Can you give us some additional details so we can help please ?

 

Do you need to use certificates for encryption, signature or authentication ?

* Karaf provides native ssl support for encryption, on port 9001

(See etc/org.ops4j.pax.web.cfg configuration file)

 

Regarding authentication, have you chosen a standard protocole (basic HTTP, SAML, OIDC, X509, ...) ?

* Karaf and Talend services can be easily configured to use one of these and authenticates against an LDAP system with a simple jaas class.

 

Let us know.

Thomas

382 Views
0 Likes
Anonymous
Not applicable
‎2017-12-11 04:26 AM
Author

Hello,

well i thought that using SAML protocol is enough to make it secure. If that is not the point, then i will have to use TSL certificates to make a connection secure and SAML protocol for authentication.

 

Basic usage of the system will be:

-Getting a request from an User to ESB(secured with certificates or STS if that's enough)

-Check permissions and roles via AD FS with SAML

-Execute the request

 

hope that's enough informations

382 Views
0 Likes
Anonymous
Not applicable
‎2017-12-11 12:14 PM
Author

Ok, let's start with the certificate.

 

1 - Design a simple web service and make sure it is deployed on runtime server and that you can request it on http port 8040.

2 - Import your certificate sent by a certified provider into a keystore

(See https://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Loading_Certificates_with_keytool -> Loading certificates with keytool)

3 - Update etc/org.ops4j.pax.web.cfg file to reference your keystore and set credentials to open it

(See https://ops4j1.jira.com/wiki/spaces/paxweb/pages/12059277/SSL+Configuration)

4 - Try to request your web service on https and port 9001

 

Let me know if it works.

Thomas

382 Views
0 Likes
Anonymous
Not applicable
‎2017-12-13 08:00 AM
Author

Thank you for the response.

 

The issue is I need to create a server certificate and user certificate, because I'm doing a demo Project to show my boss.

I have a simple Service, that says hello. I've researched a lot about SAML, STS, certificates. The problem comes when I try to implement it and nobody can help me because they don't know anything about this... i know it's a bit odd 0683p000009MACJ.png

I've tried sending a token request via SOAPUI on talend runtime and receive a response. 

But implement everything in my service, so he send a token request and then takes the response and puts it in the header is a mystery to me .

 

If you could help me with this i would really appreciate it 0683p000009MACn.png

382 Views
0 Likes