- IBM API Connect V2018.4.1.x - v5c
Case: User Defined Policies
In the past we have built a UDP (User Defined Policy) to sign SOAP messages before sending them to an external server. The goal of this UDP was, that this UDP would be used for one specific partner (all parameters where hardcoded in the policy rule in the gateway). However, as we are receiving more and more SOAP service projects, we needed to make this UDP open to be customizable. We wanted to be able to provide parameters to the UDP so it was no longer fixed for one partner only. Example of parameters:
- Certificate name
- Sign algorithm
- Message digest algorithm
- Include timestamp
I wrote this blog because I was spending a lot of time making UDP’s and I was having difficulties finding the helpful documentation to get all this working. I also noticed that I was not the only one trying to solve this, several clients where trying to work with UDP’s and where not always as successful as hoped.
Below, we list a few options on how to pass data as parameters to your stylesheet in the gateway. I mainly worked with enumerations. This way, the developer who will use this UDP does not have to know all possibilities. The developer can see all the options we support. Also, it prevents the risk for typos. Mainly with the crypto-certificate this can be an issue. When you name your certificate in APIC, APIC always adds the provider organization in front of the name and the version at the end of the name. This results in long and complex names.
Content of the properties section in the configuration YAML file
This will result in a drop down box like following screenshot
Stylesheet script: SetInputParameters.xsl
TIP: you can do this with any changeable parameter of your processing action. Following steps show an easy way to get the required path and name of your configurable parameter:
- Create a processing rule (can be a dummy one) and save it.
- Add the processing action you want to configure to your newly made processing rule.
- Open the processing action and go to the advanced tab, change the parameter you want to configure in your script. Save your processing rule
- In the search box on the left top (assuming you use the WebGUI and not the Blueprint) search ‘Processing Action’ and open your newly made processing action. The name will be something like: <your processing rule name>-<action type> (e.g.: sign-soap-sign)
- When you open this processing action, go to the ‘stylesheet parameter’ tab. Here you will find the complete parameter name
Policy action configuration
- Open the policy action you want to be configured by your stylesheet script.
- Every parameter you have covered in your stylesheet script must be set to empty or to the default value of the processing action. This way it will take the value provided as the service parameter.
When you are ready with your policy, you will need to upload your policy to APIC. These steps where described in a previous blog ‘How to get started with User Defined Policies’.
Niki Heyligen, Jeroen Willems
Need some help with UDP's for your organization?