Release 10.1A: OpenEdge Application Server:
Administration

Enabling authentication for WSDL

When you install the WSA component of the WSTK, you can choose to enable security. In this case, WSA security is preset so that users who try to access WSDL are not authenticated. This authentication can be enabled.

To enable authentication for WSDL:
  1. Choose an authorization role name to identify users who get access to all of a WSA instance’s WSDL.

  2. Using a text editor, edit the WSA instance’s web.xml file as follows:

    1. Uncomment or add a <security-constraint> element for the URL path for WSDL. The <security-constraint> element might appear as follows:

      2. <security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/wsdl/*</url-pattern> 
  </web-resource-collection> 
</security-constraint>

    2. To the <security-constraint> element, add a <role-name> element to hold the authorization role name you chose. A <role-name> element has the following syntax:

      3. Syntax 
      <auth-constraint> 
  <role-name>name</role-name> 
</auth-constraint>

      For example, after you add the role-names wsdlrole1 and wsdlrole2, the <security-constraint> element might appear as follows: 

      <security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/</url-pattern> 
      <auth-constraint> 
        <role-name>wsdlrole1</role-name> 
        <role-name>wsdlrole2</role-name> 
      </auth-constraint> 
  </web-resource-collection> 
</security-constraint>

  3. Modify the JSE to add your user’s accounts and grant them membership to the chosen role.

  4. Modify the WSA instance’s properties to enable authorization for WSDL. Use one of the following techniques:

    • If the WSA instance is local (the WSA resides on the AdminServer machine), using Progress Explorer, select the WSA instance, right-click, and choose Properties. Select Security to display the Security panel. In the Security panel, enable authentication for WSDL.
    • If the WSA instance is remote (the WSA instance does not reside on the AdminServer machine), using a text editor, in the ubroker.properties file from which the WSA instance is initialized, in the properties for the WSA instance, set wsdlAuth to 1 (one). The possible values for wsdlAuth are listed in Table 7–8.

      • Table 7–8: Setting the wsdlAuth property 
      Set wsdlAuth to ...
      To ...
      1 (one)
      Enable authentication for users of WSDL.
      0 (zero)
      Disable authentication for users of WSDL.

      For example: 

      [WSA] 
. 
. 
. 
wsdlAuth=0

Copyright © 2005 Progress Software Corporation
 www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095