The URL for generating a WSDL is typically protected by a SiteMinder Agent. If you need a more stringent Task Execution Web Service security model, consider using CA SOA Security Manager to secure it. SOA Security Manager is available separately from CA.
SiteMinder and SOA Security Manager authentication schemes, such as SiteMinder Basic and Certificate-based schemes, can be used to protect the URLs. Because each end point is associated with a specific operation and a unique URL, you can assign different authorization schemes and protection levels to operations that have different security requirements.
Authentication challenges must be presented as part of the authentication protocol if they are not included in the HTTP POST request. If challenges are presented as part of the authentication protocol, user credentials must be provided programmatically.
When SiteMinder or SOA Security Manager authenticates the user credentials that the client application presents to it, details about the session are inserted into the header of the response. This information includes the ID of the administrator who is executing the task.
The session information remains in the HTTP POST header. CA IdentityMinder can obtain the admin ID from this session information when it determines whether the administrator is authorized to perform the task.
|
Copyright © 2013 CA.
All rights reserved.
|
|