Can I secure SOAP web services using NGINX API Gateway ?

zaidahmd nginx-forum at
Wed May 10 06:03:14 UTC 2017


I need to know that 

      How to secure SOAP web services using NGINX's API gateway feature ?

** Current Implementation **

     I have an application with rest interfaces and is secured by NGINX's
AUTH_REQUEST module. For each request reaching NGINX, 
     AUTH_REQUEST sends a SubRequest to /login to the auth applicaiton which
returns 200 OK if the credentials are correct and the user is 
     authorized to login.

** Question ** 

     In the same application we have created SOAP web services and need
WS-Security to secure the services. We want to use the NGINX to perform
WS-Security authentication for SOAP web services also like the way its doing
it for RESTful services. But the issue is sending a subrequest to /login
which is written to handle RESTful service calls. And in SOAP services our
design is to have client certificate authentication, so how can Nginx handle
Ws-Sescurity for SOAP services.

Posted at Nginx Forum:,274120,274120#msg-274120

More information about the nginx mailing list