Try OpenEdge Now
skip to main content
Administration
Web Services Adapter Administration : Web Services Adapter Security Configurations : Alphabetical list of configuration instructions : Enabling authentication for WSDL
 
Enabling authentication for WSDL
When you install the WSA component of the WSTK, you can choose to enable security. In this case, WSA security is preset so that users who try to access WSDL are not authenticated. This authentication can be enabled.
To enable authentication for WSDL:
1. Choose an authorization role name to identify users who get access to all of a WSA instance's WSDL.
2. Using a text editor, edit the WSA instance's web.xml file as follows:
a. Uncomment or add a <security-constraint> element for the URL path for WSDL. The <security-constraint> element might appear as follows:
<security-constraint>
  <web-resource-collection>
    <url-pattern>/wsa1/wsdl/*</url-pattern>
  </web-resource-collection>
</security-constraint>
b. Add a <role-name> element to the <security-constraint> element to hold the authorization role name you chose. A <role-name> element has the following syntax:
Table 37. Syntax
<auth-constraint>
<role-name>name</role-name>
</auth-constraint>
For example, after you add the role-names wsdlrole1 and wsdlrole2, the <security-constraint> element might appear as follows:
<security-constraint>
  <web-resource-collection>
    <url-pattern>/wsa1/</url-pattern>
      <auth-constraint>
        <role-name>wsdlrole1</role-name>
        <role-name>wsdlrole2</role-name>
      </auth-constraint>
  </web-resource-collection>
</security-constraint>
3. Modify the Java container to add your user's accounts and grant them membership to the chosen role.
4. Modify the WSA instance's properties to enable authorization for WSDL. Use one of the following techniques:
*If the WSA instance is local (the WSA resides on the AdminServer machine), select the WSA instance in OpenEdge Management or OpenEdge Explorer, click Configuration, and choose Properties. Select Security to display the Security tab. In the Security tab, enable authentication for WSDL.
*If the WSA instance is remote (the WSA instance does not reside on the AdminServer machine), using a text editor, in the ubroker.properties file from which the WSA instance is initialized, in the properties for the WSA instance, set wsdlAuth to 1 (one). The possible values for wsdlAuth are listed in the following table.
Table 38. Setting the wsdlAuth property
Set wsdlAuth to . . .
To . . .
1 (one)
Enable authentication for users of WSDL
0 (zero)
Disable authentication for users of WSDL
For example:
[WSA]
.
.
.
wsdlAuth=0