I have several third-party web services of which I only have their WSDL's. Currently they are only accessible in my internal network. I would like to expose those web services to the internet but, since they read/write sensitive information, I would need some sort of authentication mechanism in order to assure that only certain users are able to invoke them.

The idea is to expose exactly the same interface (same operations with the same parameters) but intercepting each invocation to check the security and then invoking the original web service if the authentication is valid or returning an exception or error message otherwise. I've been trying to use Mule ESB for the task abut I can't quite get there Is this possible with mule? If not, how would i go about doing this? Can anyone point me in the right direction? Thanks in advance.

Here is an example of a web service proxy adding WS-Security to an unsecure target web service:

<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:http="http://www.mulesoft.org/schema/mule/http"
  xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf"
  xmlns:spring="http://www.springframework.org/schema/beans"
  xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
  xmlns:ss="http://www.springframework.org/schema/security"
  xsi:schemaLocation="
        http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/3.2/mule.xsd
        http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/3.2/mule-http.xsd
        http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/3.2/mule-cxf.xsd
        http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.2/mule-spring-security.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<mule-ss:security-manager>
    <mule-ss:delegate-security-provider
        name="memory-provider" delegate-ref="authenticationManager" />
</mule-ss:security-manager>

<spring:beans>
    <ss:authentication-manager alias="authenticationManager">
        <ss:authentication-provider>
            <ss:user-service id="userService">
                <ss:user name="user" password="pass" authorities="ROLE_USER" />
            </ss:user-service>
        </ss:authentication-provider>
    </ss:authentication-manager>
    <cxf:security-manager-callback id="serverCallback" />
</spring:beans>

<flow name="secureStockQuoteWsProxy">
    <http:inbound-endpoint address="http://localhost:8080/sec-ws/stockquote"
        exchange-pattern="request-response">
        <cxf:proxy-service>
            <cxf:inInterceptors>
                <spring:bean
                    class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
                <spring:bean
                    class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
                    <spring:constructor-arg>
                        <spring:map>
                            <spring:entry key="action" value="UsernameToken" />
                            <spring:entry key="passwordCallbackRef"
                                value-ref="serverCallback" />
                        </spring:map>
                    </spring:constructor-arg>
                </spring:bean>
            </cxf:inInterceptors>
        </cxf:proxy-service>
    </http:inbound-endpoint>

    <http:outbound-endpoint address="http://www.webservicex.net/stockquote.asmx"
        exchange-pattern="request-response">
        <cxf:proxy-client enableMuleSoapHeaders="false"
            soapVersion="1.2" />
    </http:outbound-endpoint>
</flow>

http://www.webservicex.net/stockquote.asmx?wsdl gives the same result. So you could test it there. Maybe the problem lies with .net services.

Anyway, for now I made a successful proxy with the webservice pattern. Now I am still working on transforming a response. Not with much success because Mule keeps giving me a ReleasingInputStream as response.