Hi
A webservice is deployed at ISD with basic authentication required.
How does an external client access this webservice? What needs to be set up: usernames, password, roles, groups ... to satisfy that basic authentication?
I've been reading the help page of the Web Console and googling, but still haven't been able to get an overall pictures of what are different architectural components that must fit together ... So far all I can see are bits and pieces, and done some hacking.
Any good references?
Thanks
Basic Authentication
-
- Premium Member
- Posts: 21
- Joined: Thu Mar 07, 2013 10:11 am
Go to the Info Server administration console...check out the various user roles that can be assigned for "Information Services Director"....when you turn on basic authentication for an ISD service, then only established Information Services Director roles can use it, who have the right role to execute the service, and then their Info Server credentials are validated...
Ernie
Ernie
Ernie Ostic
blogit!
<a href="https://dsrealtime.wordpress.com/2015/0 ... ere/">Open IGC is Here!</a>
blogit!
<a href="https://dsrealtime.wordpress.com/2015/0 ... ere/">Open IGC is Here!</a>
-
- Premium Member
- Posts: 21
- Joined: Thu Mar 07, 2013 10:11 am
-
- Premium Member
- Posts: 39
- Joined: Tue Apr 15, 2014 9:14 am
Hi
I am able to do the following in Service Director:
- Create 2 webservices (WSA, WSB)
- Create 2 users (userA, userB)
- Grant CONSUMER role to both users
- Write small C# console app to call either WSA or WSB from either userA or userB.
My dilemma is this:
I want to set up roles from Service Director such that:
- userA can only invoke WSA, not WSB
- userB can only invoke WSB, not WSA
Is this doable from Service Director? Can we create new roles and assign webservices to roles like with roles/tables/privs in a database?
It seems the role CONSUMER allows/prevents a user to invoke a webservice.
Thanks
I am able to do the following in Service Director:
- Create 2 webservices (WSA, WSB)
- Create 2 users (userA, userB)
- Grant CONSUMER role to both users
- Write small C# console app to call either WSA or WSB from either userA or userB.
My dilemma is this:
I want to set up roles from Service Director such that:
- userA can only invoke WSA, not WSB
- userB can only invoke WSB, not WSA
Is this doable from Service Director? Can we create new roles and assign webservices to roles like with roles/tables/privs in a database?
It seems the role CONSUMER allows/prevents a user to invoke a webservice.
Thanks
My experience has been that the ISD Consumer role allows user(s) to invoke ALL web services that require basic authentication. I wanted more granular control, out of the box, over the ISD security model just as you mentioned above, so I had opened an enhancement request about it in 2011: APAR JR40744. It would help greatly if you and any other customers contact IBM and request the same thing, and reference JR40744, which is not an externally searchable APAR number.
Choose a job you love, and you will never have to work a day in your life. - Confucius
-
- Premium Member
- Posts: 39
- Joined: Tue Apr 15, 2014 9:14 am