Creating the Report Identity message flow

The SecurityIdentityReportFlow message flow is supplied with the Security Identity Propagation sample. If you prefer to create the message flow yourself, use the following instructions:

  1. Create a new message flow called SecurityIdentityReportFlow in the Message Broker project called SecurityIdentitySampleFlowProject. For instructions, see Creating a message flow in the WebSphere Message Broker documentation.
  2. In the Message Flow editor, add and rename the nodes listed in the following table. For instructions, see Adding a node in the WebSphere Message Broker documentation.
    | Palette drawers | Node type | Node name |
    |---|---|---|
    | HTTP | HTTPInput | HTTP_ReportIdentity |
    | Transformation | Compute | Report Identity |
    | HTTP | HTTPReply | HTTP_ReportIdentity Reply |
  3. Connect the nodes together in the order listed in the previous table. For instructions, see Connecting nodes in the WebSphere Message Broker documentation.
    To check that you have connected the nodes together correctly, see the diagram in About the Security Propagation sample.
  4. Configure the node properties as listed in the following table. Accept the default values for all properties unless an alternative value is listed in the table.
    For instructions, see Configuring a message flow node in the WebSphere Message Broker documentation.
    | Node name | Page | Property | Value |
    |---|---|---|---|
    | HTTP_ReportIdentity | Basic | Path suffix | /Security/Identity/ReportIdentity |
    | HTTP_ReportIdentity | Input Message Parsing | Message domain | XMLNSC |
  5. In the Message Flow editor, double-click the Compute node called Report Identity to open the ESQL editor. Copy and paste the following ESQL code modules to the ESQL file, and then save the file. For more information, see Developing ESQL in the WebSphere Message Broker documentation.
    	CREATE FUNCTION Main() RETURNS BOOLEAN
    	BEGIN
    		-- CopyEntireMessage() is defined in the module skeleton that the toolkit generates for a Compute node
    		CALL CopyEntireMessage();
    		-- Report the incoming identity source, if the message has an Envelope.Body element
    		DECLARE OurMsgRef REFERENCE TO OutputRoot.XMLNSC.Envelope.Body;
    		IF LASTMOVE(OurMsgRef) THEN
    			CREATE LASTCHILD OF OurMsgRef NAME 'PropagatedIdentityReport';
    			MOVE OurMsgRef LASTCHILD;
    			CREATE LASTCHILD OF OurMsgRef NAME 'Type' VALUE InputRoot.Properties.IdentitySourceType;
    			CREATE LASTCHILD OF OurMsgRef NAME 'Token' VALUE InputRoot.Properties.IdentitySourceToken;
    			-- The propagated password is copied into the reply body unchanged
    			CREATE LASTCHILD OF OurMsgRef NAME 'Password' VALUE InputRoot.Properties.IdentitySourcePassword;
    			CREATE LASTCHILD OF OurMsgRef NAME 'IssuedBy' VALUE InputRoot.Properties.IdentitySourceIssuedBy;
    		END IF;
    		-- Delete the HTTP input headers from the output tree
    		SET OutputRoot.HTTPInputHeader = NULL;
    		-- For clarity, remove "MessageIdentity" from the tree if present
    		SET OutputRoot.XMLNSC.Envelope.Body.MessageIdentity = NULL;
    		RETURN TRUE;
    	END;
              
  6. Save the message flow.
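
A check for the reply that this flow returns, added here as an example and not part of the original sample: it parses the PropagatedIdentityReport element that the Compute node appends under Envelope/Body and flags a reply that carries the password in clear text. The sample reply is constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Child elements that the Report Identity Compute node creates
REPORT_FIELDS = ("Type", "Token", "Password", "IssuedBy")

# Constructed sample reply (not captured from a real broker)
SAMPLE_REPLY = """<Envelope>
  <Body>
    <PropagatedIdentityReport>
      <Type>usernameAndPassword</Type>
      <Token>sampleuser</Token>
      <Password>samplepass</Password>
      <IssuedBy>constructed-issuer</IssuedBy>
    </PropagatedIdentityReport>
  </Body>
</Envelope>"""

def parse_identity_report(reply_xml):
    """Return the report fields as a dict, or None if the reply has no report."""
    if "<!DOCTYPE" in reply_xml:
        # The flow's reply never needs a DTD; refuse it rather than expand entities
        raise ValueError("DOCTYPE not allowed in reply")
    root = ET.fromstring(reply_xml)
    report = root.find("Body/PropagatedIdentityReport") if root.tag == "Envelope" else None
    if report is None:
        return None
    # A missing element and an empty element are both reported as None
    return {name: (report.findtext(name) or "").strip() or None for name in REPORT_FIELDS}

def check_report(report):
    """Return a list of findings for a parsed report."""
    if report is None:
        return ["no PropagatedIdentityReport under Envelope/Body"]
    findings = []
    if report["Type"] is None:
        findings.append("no identity type propagated")
    if report["Token"] is None:
        findings.append("no identity token propagated")
    if report["Password"] is not None:
        findings.append("password returned in clear text in the reply body")
    return findings

def redact(report):
    """Return a copy of the report with the password masked, for logging."""
    safe = dict(report)
    if safe["Password"] is not None:
        safe["Password"] = "********"
    return safe
```

Log only the output of `redact()`, because the reply itself contains the password whenever one was propagated.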
