Can I secure SOAP web services using NGINX API Gateway ?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Can I secure SOAP web services using NGINX API Gateway ?


I need to know that

      How to secure SOAP web services using NGINX's API gateway feature ?

** Current Implementation **

     I have an application with rest interfaces and is secured by NGINX's
AUTH_REQUEST module. For each request reaching NGINX,
     AUTH_REQUEST sends a SubRequest to /login to the auth applicaiton which
returns 200 OK if the credentials are correct and the user is
     authorized to login.

** Question **

     In the same application we have created SOAP web services and need
WS-Security to secure the services. We want to use the NGINX to perform
WS-Security authentication for SOAP web services also like the way its doing
it for RESTful services. But the issue is sending a subrequest to /login
which is written to handle RESTful service calls. And in SOAP services our
design is to have client certificate authentication, so how can Nginx handle
Ws-Sescurity for SOAP services.

Posted at Nginx Forum:,274120,274120#msg-274120

nginx mailing list
[hidden email]