About security

Data esb security wso2

CI/CD gitlab pipelines for ESB projects


  • the Carbon console is ugly: the less you see it, the better
  • development and testing are iterative processes: you might need to deploy several versions before everything is OK and you do not want to perform these actions manually
  • you need a simple way to determine which version of …
Data esb security wso2

Information Leaks with ESB projects

When dealing with WSO2 ESB projects, you have to be especially careful with headers, for a lot of sensitive data might leak through them. Let's take an example. Here we have a typical usage of the ESB: expose a REST API to interface some services with a legacy SOAP back-end …

Data esb security wso2

Implement token renewal authentication while calling an Oauth2 backend

Here is an other limitation of this product: it does not deal with Oauth authentication so you need to create your own sequence to deal with it. Let's call it auth_oauth.

Before you call any resource that require oauth authentication, run the following sequence.

<sequence name="auth_oauth" trace …

Page 1 / 1