WS-Sec with X509: working yes/no?

guycrets
Participant IV

Dino-at-Google answered the question "Ws Security signature verification" mid 2018.

Do I read this answer correctly that open source ApigeeEdge-Java-WsSec-Signature is no longer working? And as such, Apigee can no longer support WS-Sec X509 Token Profile?

If indeed no longer supported, is it still working in on-premises version 4.18 and/or 4.19? And could you elaborate if it may stop working in future on-prem versions of Apigee?

Looking forward to your feedback.

Solved Solved
0 1 163
1 ACCEPTED SOLUTION

You did read correctly a comment to a prior discussion, that says the ApigeeEdge-Java-WsSec-Signature callout is no longer working in the public cloud. That is true, for now.

This callout will still work on the on-premises versions of Apigee Edge. The in-cloud version has introduced some additional restrictions on the Java callouts. As an operator of the on-prem version, you have control over those Java permissions and can relax them as appropriate.

On the side I am working to see if I can get the WS-SEC callout working again in the public cloud.


UPDATE

As of October 2019, this callout works in the cloud:

https://github.com/DinoChiesa/ApigeeEdge-Java-WsSec-Signature-2

View solution in original post

1 REPLY 1

You did read correctly a comment to a prior discussion, that says the ApigeeEdge-Java-WsSec-Signature callout is no longer working in the public cloud. That is true, for now.

This callout will still work on the on-premises versions of Apigee Edge. The in-cloud version has introduced some additional restrictions on the Java callouts. As an operator of the on-prem version, you have control over those Java permissions and can relax them as appropriate.

On the side I am working to see if I can get the WS-SEC callout working again in the public cloud.


UPDATE

As of October 2019, this callout works in the cloud:

https://github.com/DinoChiesa/ApigeeEdge-Java-WsSec-Signature-2