Consuming Web Service with Security Policy

1)  When defining a Web Service Provider (WSP), specifying a Security Provider simply indicates that Adeptia authentication is required to execute this WSP.
Also, at this point, the user/pwd in the Security Provider are irrelevant.

  • Yes

2) The userid/pwd of the “Security Policy” are only used when the WSP is called by an Adeptia Web Service Consumer (WSC) activity.

  • Yes. Because attaching security policy to consumer is same as sending request message with security header

3) If a WSP specifies that a Security Policy is required, when a request is made to this WSP, the security credentials included in the SOAP Header are validated against the Adeptia User Database.

  • Yes

a. If the provided user credentials have “Execute” permission to the WSP, then the request will be executed

- Yes

b. If the provided user credentials do NOT have “Execute” permission to the WSP, a SOAP Fault message of “java.lang.NullPointerException” is returned.

- Yes. In future release we will generate user friendly message in this case.

c. If the provided user credentials are NOT a valid Adeptia user, a SOAP Fault message “java.lang.Exception: Not a valid user” is returned.

- Yes

Have more questions? Submit a request


Article is closed for comments.