Web Services Authentication¶
You can protect the access to a REST or SOAP Web service by configuring the authentication method of the Service. The page Web Services Authentication of the Administration Guide explains in detail the authentication methods of the web service.
The available authentication methods depend on the Web service type:
BASIC
: HTTP BasicBASIC VDP
: HTTP Basic with VDPDIGEST
: HTTP DigestSPNEGO
: HTTP SPNEGO (Kerberos)OAUTH2
: OAuth 2.0SAML2
: SAML 2.0
Basic and Digest¶
The BASIC
and DIGEST
authentication modes use the Basic and
Digest HTTP Access Authentication methods.
In HTTP Basic the credentials are passed as plaintext and in HTTP Digest
they are sent encrypted. All the users will use the same credentials indicated in the parameters
USER
and PASSWORD
.
SAML 2.0¶
The REST web services published by Virtual DataPort support SAML authentication (Security Assertion Markup Language).
Add the parameter SPENTITYID
, which is a string that identifies this
web service as a service provider with the identity provider (IdP). The section SAML 2.0 of the Administration Guide explains in more
detail how to configure web services with this authentication type.
VDP¶
When using the authentication methods BASIC VDP
(SOAP and REST) and
WSS BASIC VDP
(only SOAP), the Web Service will connect to Virtual
DataPort with the credentials used by the client of the Web service.
Only users whose user name is in the VDPACCEPTEDUSERS
list (a comma-separated list of user names)
will have access to the Service. If the list is empty or the parameter is missing, all Virtual DataPort
users will be accepted. With this authentication method, the users also
need to have permission to access the published views.