Doorgaan naar hoofdcontent

Cordys BOP4: Anonymous access to webservices

Introduction

With the setup using Cordys security an exposed BPM process as a webservice needs authentication. However it is possible to grant "anonymous" access to the service.
This blog item shows how this is done.

Authentication

Within the Cordys framework there are several ways to handle authentication:
  1. WebServer - The authentication at the web server (Apache, IIS) (NTLM, Active Directory, or LDAP) and authorisation at the service group.
  2. WS-Security - The authentication/authorisation takes place in the service group.
  3. Anonymous - No authentication is done and authorisation in the service group.

Anonymous user

Identity is usually placed in the SOAP header, but for anonymous access this is not needed. The webserver should be configured to allow anonymous access though.
Cordys uses the system defined user anonymous when anonymous access is used. The soap request will be executed when the anonymous user is granted.
The ACL (Access Control Level) of a service can be set at the service group level or individual service.

1 - Go to System Resource Manager
2 - Select service group
3 - Right-mous click and select Security
  
4 - Click Add
5 - Select anonymous user and click OK

Now you are able to use the service without authentication.
Labels:

Reacties

Een reactie posten

Populaire posts van deze blog

OSB 10gR3 and SWA and MTOM

This blog is about using soap with attachments and the use of MTOM within the OSB (10gR3). A service is created that accepts a soap with attachment (DocumentService) and translates it to a service that accepts a binary element. MTOM is used for performance reasons for the second. Some notes: * For the use of attachments you need RPC-style document instead of the usual document-style. This due to the fact that the document-style limits a message to a single . * A service can not have both SWA and MTOM within OSB. First a WSDL is setup for the DocumentService: The $attachments variable holds the attachments and the body holds the attachment data. Also other data is stored within the attachment element (see h
12 reacties
Meer lezen

Microservices mindmap

"The tree" - See also   my photo page When you are fairly new within the Microservices land, there are a lot of terms fired at you. So also for my own understanding i have made a mindmap. I think it has a good status now, so that i can share it with you. As always feedback is very welcome ! You can download the mindmap here .
47 reacties
Meer lezen

Book review: Data Management at Scale (Piethein Strengholt)

 This blog is a review of the book "Data Management at Scale (See also at bol.com ) Data Management is a hot topic nowadays and this book does a fantastic job at adding value to this topic. It is a must read and one of the few technical books I finished reading in a weekend. The book gives a fantastic overview on how to implement a Data Mesh data architecture. The Data Mesh concept is explained by Martin Fowler here . The book is a good mix between conceptual and implementation architecture level. It gives a lot of examples of how this architecture at scale can work, for both small and big companies. It is practical and I used it to implement it at one of my customers. The book describes an architecture in which the focus is on the DIAL (Data- and Integration Access Layer).  On a high level the book covers the following topics: The key principles for data management at scale - Domain-Driven Design  - Domain Data Stores - Meta data management Ready Data Store The concept of servin
5 reacties
Meer lezen