ActiveVOS Server User’s Guide

Previous | Next

Authentication

This policy describes the HTTP credentials required for access to a service. If a partner’s service requires authentication for access, you can add credential details to the partner link definition in the process deployment descriptor file.

To refer to this policy rather than explicitly adding it, see User-Defined Policy Assertion.

Outbound Authentication Policy

Username

Name of the user authorized to access the service

Password

Password for the authorized user

Preemptive HTTP Credentials

Preemptive authentication sends basic authentication credentials without being challenged by the remote host. Care must be taken to ensure that this option is only used to communicate over secure channels to prevent unnecessary disclosure of user credentials

wsse:UsernameToken in Header

If present, credentials are sent as a OASIS WS-Security UsernameToken element in the SOAP Header. To include a Nonce with the UsernameToken, add a <abp:Nonce/> child element. A Nonce is used to increase the authentication security by disallowing a string to be repeated. See the example below.

Use Cleartext Password

The password can be stored in Clear text. The password is visible and readable in the PDD file.

Inbound Authentication Policy

Require UsernameToken when receiving messages

Authentication on messages received by a My Role or Partner Role service

Example

<wsp:Policy xmlns:abp="http://schemas.active-endpoints.com/
    ws/2005/12/policy"
 xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
     <abp:Authentication direction="both">
       <abp:User>aeadmin</abp:User>
       <abp:Password>xzuSGNslrMeKzL4uPZQ8qg==</abp:Password>
       <abp:UsernameToken/>
       <abp:Nonce/>
   </abp:Authentication>
</wsp:Policy>

Copyright (c) 2004-2009 Active Endpoints, Inc.