I want to provide a secured 'Web Service Process' (means, that it requires username and password) and call this 'Web Service Process' with a 'Web Service Call Element'? Simply checking 'HTTP Basic' as authentication method on both (WS Process and WS Call) seems not to work. asked 04.09.2014 at 10:29 Dominik Regli ♦ |
The ivy Web Service Call Element supports following authentication methods:
Whereas, the ivy Web Service Process supports only 'Basic WS Security' (cleartext username and password provided in SOAP header). (Note, that the labels on the inscription mask of the Web Service Process are actually not correct, the radio button which is labeled 'HTTP Basic' should be labeled with 'WS Security'. We will adjust this in future versions of ivy to avoid confusion.) As you can see, these authentication methods are basically not compatible. But if you are in a Single Sign On Environment (with MS Internet Information Services (IIS) in front of ivy), IIS can do 'HTTP Basic Authentication' in place of the WS Process. So, you can configure IIS to do one of the desired authentication methods (one of HTTP Basic, HTTP Disgest or NTLM) and configure your Web Service Call Element correspondingly. For your Web Service Process you simply select the authentication method 'None/Container'. In this setup, the Web Service Process supports (with help of IIS) 'HTTP Basic Authentication'. Since users are already authenticated by IIS, their requests are passed through and taken over by the WS Process. Note that SSO authentication is only supported for ivy versions 4.3.24, 5.0.14 and 5.1.0 and newer. answered 04.09.2014 at 10:48 Dominik Regli ♦ |
As mentioned in the answer above, in newer ivy versions (4.3.24, 5.0.14 and 5.1.0 and later) we improved the Web Service Process for Single Sign On Environments. With this change, users which are already authenticated by IIS respectively the ivy web-container (Tomcat) are passed through and taken over by the WS Process. This is useful, even if you are not in an SSO environment. In this case, you can also configure Tomcat to do 'HTTP Basic Authentication'. Here is a short description, how to set up Tomcat to do 'HTTP Basic Authentication': Add following entries to 'webapps/ivy/WEB-INF/web.xml'
Create a users-file and place it to any location of your choice. Its content looks as follows:
Add following entriy to 'webapps/ivy/META-INF/context.xml'
With this, using 'HTTP Basic Authentication' for ivy Web Service Processes will work and you can call it from a Web Service Call Element (with 'HTTP Basic' enabled as authentication method. Note, that in the sample above, you have to maintain the Web Service users redundantly in the Tomcat users-file and in ivy. In a production environment, you may use another realm than the MemoryRealm to receive the users for Tomcat. answered 10.09.2014 at 13:56 Dominik Regli ♦ |
Update: Starting with Axon.ivy BPM Suite 6.0.4 and 6.2 WebService Processes also supports HTTP Basic authentification. answered 15.06.2016 at 15:45 Reto Weiss ♦♦ |
Once you sign in you will be able to subscribe for any updates here
By RSS:Markdown Basics
Tags:
Asked: 04.09.2014 at 10:29
Seen: 3,637 times
Last updated: 15.06.2016 at 15:45