Creating the Report Identity message flow
The Security Identity Propagation sample SecurityIdentityReportFlow message flow is supplied,
but if you prefer to create the message flow yourself, use the following instructions:
- Create a new message flow called SecurityIdentityReportFlow in the Message Broker project
called SecurityIdentitySampleFlowProject. For instructions,
see Creating a message flow
in the WebSphere Message Broker documentation.
- In the Message Flow editor, add and rename the nodes listed in the following table.
For instructions,
see Adding a node
in the WebSphere Message Broker documentation.
Palette drawers |
Node type |
Node name |
HTTP |
HTTPInput |
HTTP_ReportIdentity |
Transformation |
Compute |
Report Identity |
HTTP |
HTTPReply |
HTTP_ReportIdentity Reply |
- Connect the nodes together in the order as listed in the previous table.
For instructions,
see Connecting nodes
in the WebSphere Message Broker documentation.
To check that you have connected the nodes together correctly,
see the diagram in About the Security Propagation sample.
- Configure the node properties as listed in the following table.
Accept the default values for all properties unless an alternative value
is listed in the table.
For instructions, see Configuring a message flow node
in the WebSphere Message Broker documentation.
Node name |
Page |
Property |
Value |
HTTP_ReportIdentity |
Basic |
Path suffix |
/Security/Identity/ReportIdentity |
Input Message Parsing |
Message domain |
XMLNSC |
- In the Message Flow editor, double-click the Compute node called Report Identity to
open the ESQL editor. Copy and paste the following ESQL code modules to the ESQL file,
and then save the file. For more information,
see Developing ESQL
in the WebSphere Message Broker documentation.
CREATE FUNCTION Main() RETURNS BOOLEAN
BEGIN
CALL CopyEntireMessage();
-- Optionally Report the Incomming Identity Source
DECLARE OurMsgRef REFERENCE TO OutputRoot.XMLNSC.Envelope.Body;
IF lastmove(OurMsgRef) THEN
CREATE LASTCHILD OF OurMsgRef NAME 'PropagatedIdentityReport';
MOVE OurMsgRef LASTCHILD;
CREATE LASTCHILD OF OurMsgRef NAME 'Type' VALUE InputRoot.Properties.IdentitySourceType;
CREATE LASTCHILD OF OurMsgRef NAME 'Token' VALUE InputRoot.Properties.IdentitySourceToken;
CREATE LASTCHILD OF OurMsgRef NAME 'Password' VALUE InputRoot.Properties.IdentitySourcePassword;
CREATE LASTCHILD OF OurMsgRef NAME 'IssuedBy' VALUE InputRoot.Properties.IdentitySourceIssuedBy;
END IF;
-- Output is MQ, so delete HTTP headers from tree
SET OutputRoot.HTTPInputHeader = NULL;
-- For clarrity remove "MessageIdentity" from tree if present
SET OutputRoot.XMLNSC.Envelope.Body.MessageIdentity = NULL;
RETURN TRUE;
END;
- Save the message flow.
Back to Building the Security Identity Propagation sample
Back to sample home