|
|
|
The XML Document Credential Collector (XML DCC) authentication scheme is a document-based authentication scheme. This means that information in the XML document is collected and used by the Policy Server to authenticate web service consumers. Web service consumers include business applications, business partners, or individual users.
To implement the XML DCC scheme, the web service provider gives the XML schema to web service consumers who request web services so that the web service consumers send XML documents that comply with the schema. This enables the Policy Server to map the credentials to entries in the user store.
When a web service consumer requests a web service, the SOA Agent for Web Servers extracts the information from the XML document and passes the credentials to the Policy Server. For the Policy Server to verify the credentials, you must map attributes in the XML document to fields in the Policy Server’s user store using the Policy Server User Interface or by defining XPath expressions. For example, you may map a XML document attribute called "customer" to the user name field in the user store and a document attribute called "customer ID" to the PIN number field. You also specify whether these attributes are located within the message header or body.
Optionally, you can specify an XPath function (count, div, index, mod, sum) that you want to apply to the mapping. The Function option lets you create more complex mappings by processing functions that further evaluate the XML document. For more information about these functions, navigate to the XPath specification at http://www.w3.org.
Note: The Policy Server assumes that all the authentication data in the XML message is in clear text. Therefore, we recommend that you configure this authentication scheme over an SSL connection to ensure security.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |