Sample 432: Callout Mediator - Invoke a secured service which has different policies for inbound and outbound flows

<definitions xmlns=""> <localEntry key="sec_policy_inbound" src="file:repository/conf/sample/resources/policy/policy_3.xml"/> <localEntry key="sec_policy_outbound" src="file:repository/conf/sample/resources/policy/policy_3.xml"/> <sequence name="main"> <callout serviceURL="http://localhost:9000/services/SecureStockQuoteService" action="urn:getQuote"> <source xmlns:s11="" xmlns:s12="" xpath="s11:Body/child::*[fn:position()=1] | s12:Body/child::*[fn:position()=1]"/> <target xmlns:s11="" xmlns:s12="" xpath="s11:Body/child::*[fn:position()=1] | s12:Body/child::*[fn:position()=1]"/> <enableSec outboundPolicy="sec_policy_outbound" inboundPolicy="sec_policy_inbound"/> </callout> <respond/> </sequence> </definitions>


Demonstrate the usage of the Callout mediator for making synchronous (blocking) Web service calls to invoke secured services, which has different security policies for inbound and outbound flows.


  • Download and install the Java Cryptography Extension (JCE) unlimited strength policy files for your JDK
  • Deploy the SecureStockQuoteService in the sample Axis2 server and start Axis2
  • Start Synapse using the configuration numbered 432 (repository/conf/sample/synapse_sample_432.xml)
    Unix/Linux: sh -sample 432
    Windows: synapse.bat -sample 432

Executing the Client

In this sample, the Callout mediator is configured with different security policies for inbound and outbound message flows. Messages sent out from synapse is encrypted using the outboundPolicy and response received from the secured service is decrypted using the inboundPolicy.

Invoke the client as follows.

ant stockquote -Dtrpurl=http://localhost:8280/

Back to Catalog