Skip to main content

Service Registry

The Service Registry provides a repository for storing service WSDL and WS-Policy files. This product is available with Talend ESB.

The Service Registry helps maintain consistency for your services and their Policy-based security and reliability requirements. The Service Registry itself is part of Talend Runtime, while provided interceptors are provided to clients (whether SOAP clients or Talend Runtime-hosted web service providers) to access the registry.

From Talend Runtime 8.0 onwards, usernames and passwords in OSGi configurations are resolved as references to environment variables. For the username and password, first the OS environment is queried. If the parameter is not set as an OS environment variable, the Java system variables set in etc/custom.properties are queried. For the username, but not for the password, there is finally a literal default value.

When using OS environment variables for credentials, it is recommended not to have them as cleartext passwords in the startup script, but to retrieve them by calls to the credentials vault (keyrings, wallet, etc.) as it is sketched in comments in the Linux startup script in bin/setsecenv:
#export TESB_AMQ_GUI_USER_PASSWORD=`secret-tool lookup trun-user $TESB_AMQ_GUI_USER_NAME`
#export TESB_AUXSTORE_AUTHENTICATION_PASSWORD=`secret-tool lookup trun-user $TESB_AUXSTORE_AUTHENTICATION_USERNAME`
#export TESB_AUXSTORE_SAML_PASSWORD=`secret-tool lookup trun-user $TESB_AUXSTORE_SAML_USERNAME`
#export TESB_EVENTLOGGING_JMS_PASSWORD=`secret-tool lookup trun-user $TESB_EVENTLOGGING_JMS_USERNAME`
#export TESB_EVENTLOGGING_REST_PASSWORD=`secret-tool lookup trun-user $TESB_EVENTLOGGING_REST_USERNAME`
#export TESB_LOCATOR_AUTHENTICATION_PASSWORD=`secret-tool lookup trun-user $TESB_LOCATOR_AUTHENTICATION_USERNAME`
#export TESB_REGISTRY_AUTHENTICATION_PASSWORD=`secret-tool lookup trun-user $TESB_REGISTRY_AUTHENTICATION_USERNAME`
#export TESB_REGISTRY_SAML_PASSWORD=`secret-tool lookup trun-user $TESB_REGISTRY_SAML_USERNAME`
#export TESB_SAML_SECURITY_PASSWORD=`secret-tool lookup trun-user $TESB_SAML_SECURITY_USERNAME`
#export TESB_SAM_SERVICE_SECURITY_PASSWORD=`secret-tool lookup trun-user $TESB_SAM_SERVICE_SECURITY_USERNAME`
#export TESB_TIDM_PASSWORD=`secret-tool lookup tidm-user $TESB_TIDM_USERNAME`

#export TESB_TLS_KEYSTORE_PASSWORD=`secret-tool lookup keystore-pwd tls`
#export TESB_TLS_KEY_PASSWORD=`secret-tool lookup keystore-pwd tlskey`
#export TESB_STS_KEYSTORE_PASSWORD=`secret-tool lookup keystore-pwd sts`
#export TESB_CLIENT_KEYSTORE_PASSWORD=`secret-tool lookup keystore-pwd client`
#export TESB_CLIENT_KEY_PASSWORD=`secret-tool lookup keystore-pwd clientkey`
#export TESB_SERVICE_KEYSTORE_PASSWORD=`secret-tool lookup keystore-pwd service`
#export TESB_SERVICE_KEY_PASSWORD=`secret-tool lookup keystore-pwd servicekey`
#export TESB_EVENTLOGGING_AGENT_KEYSTORE_PASSWORD=`secret-tool lookup keystore-pwd el`
#export TESB_EVENTLOGGING_AGENT_KEY_PASSWORD=`secret-tool lookup keystore-pwd elkey`

The keystore property files in etc/keystores are replaced by OSGi configurations using references to environment variables. While the keystore property files are still fully valid and evaluated, values from these properties files are overridden if also set in the OSGi configuration files.

For Service Registry, the OSGi configuration files are:

  • org.talend.esb.registry.client.policy.enc.keystore.cfg - Encryption keystore for requests to the Service Registry policy store
  • org.talend.esb.registry.client.policy.keystore.cfg - Signing keystore for requests to theService Registry store
  • org.talend.esb.registry.client.wsdl.enc.keystore.cfg - Encryption keystore for requests to the Service Registry WSDL store
  • org.talend.esb.registry.client.wsdl.keystore.cfg - Signing keystore for requests to the Service Registry WSDL store
  • org.talend.esb.registry.service.sig.keystore.cfg - Signing keystore for Service Registry responses

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!