Layer7 API Management

Iterating through stored passwords in the API Gateway with the WS-MAN service 

Aug 06, 2015 02:19 PM

Background

 

The WS-Management (WS-MAN) service is an internal service that can be used for programmatic interactions with the API Gateway. This API is SOAP-based and is typically interfaced with using our Gateway Management Client. This API is capable of printing out a list of stored passwords but that output will not contain the actual stored credentials. This article will describe the steps necessary to publish an API that can consume the WS-MAN API and return a list of stored password items within a SOAP response

 

Implementation

 

  1. Publish the WS-MAN internal service
  2. Publish a new Web API
  3. Import the attached policy into the new Web API
  4. Consume the new Web API via a browser or other HTTP-enabled client

 

This policy will return a SOAP message containing the names of all of the stored password objects. These names will be located in the element located at the following XPath pointer: /env:Envelope/env:Body/wsen:PullResponse/wsen:Items/l7:StoredPassword/l7:Name. The content of this element can be used to return a decrypted plaintext password using the request.passwordname.plaintext variable--where passwordname reflects the value of the l7:Name element.

Statistics
0 Favorited
1 Views
1 Files
0 Shares
1 Downloads
Attachment(s)
zip file
getPasswdWsman.xml.zip   2 KB   1 version
Uploaded - May 29, 2019

Related Entries and Links

No Related Resource entered.