Try OpenEdge Now
skip to main content
Administration
Web Services Adapter Administration : Web Services Adapter Security Configurations : Alphabetical list of configuration instructions : Enabling authentication for Web services
 
Enabling authentication for Web services
When you install the WSA, you can choose to enable security. In this case, WSA security is preset so that users who try to access Web service applications are not authenticated. This authentication can be enabled.
To enable authentication for Web services:
1. Choose an authorization role name to identify users who get access to all of a WSA instance's Web service applications.
2. Using a text editor, edit the WSA instance's web.xml file as follows:
a. Uncomment or add a <security-constraint> element for the URL path for Web service applications. The security-constraint might appear as follows:
<!--
  <security-constraint>
    <web-resource-collection>
      <url-pattern>/wsa1/</url-pattern>
    </web-resource-collection>
  </security-constraint>
-->
b. Add a <role-name> element to the <security-constraint> element, to hold the authorization role name you chose. A <role-name> element has the following syntax:
Table 35. Syntax
<auth-constraint>
<role-name>name</role-name>
</auth-constraint>
For example, after you add the role names webservicesrole1 and webservicesrole2, the <security-constraint> element might appear as follows:
<security-constraint>
  <web-resource-collection>
    <url-pattern>/wsa1/</url-pattern>
      <auth-constraint>
        <role-name>webservicesrole1</role-name>
        <role-name>webservicesrole2</role-name>
      </auth-constraint>
  </web-resource-collection>
</security-constraint>
3. Modify the Java container to add your user's accounts and grant them membership to the chosen role.
4. Modify the WSA instance's properties to enable authorization for Web services. Use one of the following techniques:
*If the WSA instance is local (the WSA resides on the AdminServer machine), select the WSA instance in OpenEdge Management or OpenEdge Explorer, click Configuration, and select Security to bring up the Security tab. In the WSA instance's Security tab, enable authentication for Web services.
*If the WSA instance is remote (the WSA instance does not reside on the AdminServer machine), use a text editor.
*In the ubroker.properties file, in the properties for the WSA instance, set appAuth to 1 (one). The possible values for appAuth are listed in the following table.
Table 36. Setting the appAuth property
Set appAuth to . . .
To . . .
1 (one)
Enable authentication for users of Web services
0 (zero)
Disable authentication for users of Web services
For example:
[WSA]
.
.
.
appAuth=0