The ivy *Web Service Call Element* supports following authentication methods: - HTTP Basic - HTTP Disgest - NTLM Whereas, the ivy *Web Service Process* supports only 'Basic WS Security' (cleartext username and password provided in SOAP header). Please note, (Note, that the labels on the inscription mask of the *Web Service Process* are actually not correct, the radio button which is labeled 'HTTP Basic' should be labeled with 'WS Security'. We will adjust this in future versions of ivy to avoid confusion.confusion.) As you can see, these authentication methods are **not** compatible. **But** for future versions of ivy **there is basically not compatible. But if you are in a solution** to call secured ivy *Web Service Processes* with an ivy *Web Service Call Element*. In the next ivy versions (4.3.24, 5.0.14 and 5.1.0), we improved the *Web Service Process* for Single **Single Sign On Environment. With Environment** (with MS Internet Information Services (IIS) in front of ivy), IIS can do 'HTTP Basic Authentication' in place of the WS Process. So, you can configure IIS to do one of the desired authentication methods (one of HTTP Basic, HTTP Disgest or NTLM) and configure your *Web Service Call Element* correspondingly. For your *Web Service Process* you simply select the authentication method 'None/Container'. In this change, setup, the *Web Service Process* supports (with help of IIS) 'HTTP Basic Authentication'. Since users which are already authenticated by the container (Tomcat) IIS, their requests are passed through and taken over by the WS Process (when it Process. Note that SSO authentication is configured with authentication 'None'). So, even though the *Web Service Process* does not support 'HTTP Basic Authentication' you can use it as authentication method when you configure Tomcat to do the 'HTTP Basic Authentication'. Here is a short description, how to set up Tomcat to do 'HTTP Basic Authentication': Add following entries to 'webapps/ivy/WEB-INF/web.xml' <security-constraint> <web-resource-collection> <web-resource-name>Secured Web Service Process</web-resource-name> <!-- With this pattern we secure only the Web Service Processes and not any others --> <url-pattern>/ws/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ivy-ws-role</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> <security-role> <role-name>ivy-ws-role</role-name> </security-role> Create a users-file and place it to any location of your choice. Its content looks as follows: <tomcat-users> <role rolename="ivy-ws-role"/> <user username="WSUser" password="WSUser" roles="ivy-ws-role"/> </tomcat-users> Add following entriy to 'webapps/ivy/META-INF/context.xml' <Realm className="org.apache.catalina.realm.MemoryRealm" pathname="<path to user file>/tomcat-users.xml"/> With this, using 'HTTP Basic Authentication' supported for ivy *Web Service Processes* will work and you can call it from a *Web Service Call Element* (with 'HTTP Basic' enabled as authentication method. Note, that in the sample above, you have to maintain the Web Service users redundantly in the Tomcat users-file and in ivy. In a production environment, you may use another realm than the MemoryRealm to receive the users for Tomcat.versions 4.3.24, 5.0.14 and 5.1.0 and newer.

The ivy *Web Service Call Element* supports following authentication methods: - HTTP Basic - HTTP Disgest - NTLM Whereas, the ivy *Web Service Process* supports only 'Basic WS Security' (cleartext username and password provided in SOAP header). Please note, that the labels on the inscription mask of the *Web Service Process* are actually not correct, the radio button which is labeled 'HTTP Basic' should be labeled with 'WS Security'. We will adjust this in future versions of ivy to avoid confusion. As you can see, these authentication methods are **not** compatible. **But** for future versions of ivy **there is a solution** to call secured ivy *Web Service Processes* with an ivy *Web Service Call Element*. In the next ivy versions (4.3.24, 5.0.14 and 5.1.0), we improved the *Web Service Process* for Single Sign On Environment. With this change, users which are already authenticated by the container (Tomcat) are passed through and taken over by the WS Process (when it is configured with authentication 'None'). So, even though the *Web Service Process* does not support 'HTTP Basic Authentication' you can use it as authentication method when you configure Tomcat to do the 'HTTP Basic Authentication'. Here is a short description, how to set up Tomcat to do 'HTTP Basic Authentication': Add following entries to 'webapps/ivy/WEB-INF/web.xml' <security-constraint> <web-resource-collection> <web-resource-name>Secured Web Service Process</web-resource-name> <!-- With this pattern we secure only the Web Service Processes and not any others --> <url-pattern>/ws/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ivy-ws-role</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> </login-config> <security-role> <role-name>ivy-ws-role</role-name> </security-role> Create a users-file and place it to any location of your choice. Its content looks as follows: <tomcat-users> <role rolename="ivy-ws-role"/> <user username="WSUser" password="WSUser" roles="ivy-ws-role"/> </tomcat-users> Add following entriy to 'webapps/ivy/META-INF/context.xml' <Realm className="org.apache.catalina.realm.MemoryRealm" pathname="<path to user file>/tomcat-users.xml"/> With this, using 'HTTP Basic Authentication' for ivy *Web Service Processes* will work and you can call it from a *Web Service Call Element* (with 'HTTP Basic' enabled as authentication method. Note, that in the sample above, you have to maintain the Web Service users redundantly in the Tomcat users-file and in ivy. In a production environment, you may use another realm than the MemoryRealm to receive the users for Tomcat.

The ivy *Web Service Call Element* supports following authentication methods: - HTTP Basic - HTTP Disgest - NTLM Whereas, the ivy *Web Service Process* supports only 'Basic WS Security' (cleartext username and password provided in SOAP header). Please note, that the labels on the inscription mask of the *Web Service Process* are actually not correct, the radio button which is labeled 'HTTP Basic' should be labeled with 'WS Security'. We will adjust this in future versions of ivy to avoid confusion. As you can see, these authentication methods are **not** compatible. But **But** for future versions of ivy there **there is a solution solution** to call secured ivy *Web Service Processes* with an ivy *Web Service Call Element*. In the next ivy versions (4.3.24, 5.0.14 and 5.1.0), we improved the *Web Service Process* for Single Sign On Environment. With this change, users which are already authenticated by the container (Tomcat) are passed through and taken over by the WS Process (when it is configured with authentication 'None'). So, even though the *Web Service Process* does not support 'HTTP Basic Authentication' you can use it as authentication method when you configure Tomcat to do the 'HTTP Basic Authentication'. Here is a short description, how to set up Tomcat to do 'HTTP Basic Authentication': Add following entries to 'webapps/ivy/WEB-INF/web.xml' <security-constraint> <web-resource-collection> <web-resource-name>Secured Web Service Process</web-resource-name> <!-- With this pattern we secure only the Web Service Processes and not any others --> <url-pattern>/ws/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ivy-ws-role</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> <security-role> <role-name>ivy-ws-role</role-name> </security-role> Create a users-file and place it to any location of your choice. Its content looks as follows: <tomcat-users> <role rolename="ivy-ws-role"/> <user username="WSUser" password="WSUser" roles="ivy-ws-role"/> </tomcat-users> Add following entriy to 'webapps/ivy/META-INF/context.xml' <Realm className="org.apache.catalina.realm.MemoryRealm" pathname="<path to user file>/tomcat-users.xml"/> With this, using 'HTTP Basic Authentication' for ivy *Web Service Processes* will work and you can call it from a *Web Service Call Element* (with 'HTTP Basic' enabled as authentication method. Note, that in the sample above, you have to maintain the Web Service users redundantly in the Tomcat users-file and in ivy. In a production environment, you may use another realm than the MemoryRealm to receive the users for Tomcat.

The ivy *Web Service Call Element* supports following authentication methods: - HTTP Basic - HTTP Disgest - NTLM Whereas, the ivy *Web Service Process* supports only 'Basic WS Security' (cleartext username and password provided in SOAP header). Please note, that the labels on the inscription mask of the *Web Service Process* are actually not correct, the radio button which is labeled 'HTTP Basic' should be labeled with 'WS Security'. We will adjust this in future versions of ivy to avoid confusion. As you can see, these authentication methods are **not** compatible. But for future versions of ivy there is a solution to call secured ivy *Web Service Processes* with an ivy *Web Service Call Element*. In the next ivy versions (4.3.24, 5.0.14 and 5.1.0), we improved the *Web Service Process* for Single Sign On Environment. With this change, users which are already authenticated by the container (Tomcat) are passed through and taken over by the WS Process (when it is configured with authentication 'None'). So, even though the *Web Service Process* does not support 'HTTP Basic Authentication' you can use it as authentication method when you configure Tomcat to do the 'HTTP Basic Authentication'. Here is a short description, how to set up Tomcat to do 'HTTP Basic Authentication': Add following entries to 'webapps/ivy/WEB-INF/web.xml' <security-constraint> <web-resource-collection> <web-resource-name>Secured Web Service Process</web-resource-name> <!-- With this pattern we secure only the Web Service Processes and not any others --> <url-pattern>/ws/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ivy-ws-role</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> <security-role> <role-name>ivy-ws-role</role-name> </security-role> Create a users-file and place it to any location of your choice. Its content looks as follows: <tomcat-users> <role rolename="ivy-ws-role"/> <user username="WSUser" password="WSUser" roles="ivy-ws-role"/> </tomcat-users> Add following entriy to 'webapps/ivy/META-INF/context.xml' <Realm className="org.apache.catalina.realm.MemoryRealm" pathname="<path to user file>/tomcat-users.xml"/> With this, using 'HTTP Basic Authentication' for ivy *Web Service Processes* will work and you can call it from a *Web Service Call Element* (with 'HTTP Basic' enabled as authentication method. Note, that in the sample above, you have to maintain the Web Service users redundantly in the Tomcat users-file and in ivy. In a production environment, you may use another realm than the MemoryRealm to receive the users for Tomcat.