Release 10.1A: OpenEdge Application Server:
Administration

Role of the WSA

The WSA’s ubroker.properties file can be set to also require the WSA to verify that the JSE performs user authentication for particular URL paths.

Note: The entries in ubroker.properties are case-sensitive.

To continue the example, when the WSA gets an HTTP request from the JSE:

  1. The WSA first checks its ubroker.properties values to determine whether the URL requires the JSE to perform user authentication.

  2. If it does, the WSA verifies that the JSE has passed it a valid user ID—just in case the JSE configuration becomes corrupted.

  3. When it verifies that it has a valid user ID, the WSA checks whether the URL is for a WSA administrative function.

    4. If the URL is for a WSA administrative function:

    1. The WSA determines which Role the user is in and gives the user the security privileges associated with that Role.
    2. The WSA determines whether the user’s privileges allow it to execute the administrative function. If yes, the administrative function is executed.

      3. If the URL is not for a WSA administrative function, the WSA processes the HTTP/SOAP request as a web service operation.

Copyright © 2005 Progress Software Corporation
 www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095