1) When defining a Web Service Provider (WSP), specifying a Security Provider simply indicates that Adeptia authentication is required to execute this WSP.
Also, at this point, the user/pwd in the Security Provider are irrelevant.
- Yes
2) The userid/pwd of the “Security Policy” are only used when the WSP is called by an Adeptia Web Service Consumer (WSC) activity.
- Yes. Because attaching security policy to consumer is same as sending request message with security header
3) If a WSP specifies that a Security Policy is required, when a request is made to this WSP, the security credentials included in the SOAP Header are validated against the Adeptia User Database.
- Yes
a. If the provided user credentials have “Execute” permission to the WSP, then the request will be executed
- Yes
b. If the provided user credentials do NOT have “Execute” permission to the WSP, a SOAP Fault message of “java.lang.NullPointerException” is returned.
- Yes. In future release we will generate user friendly message in this case.
c. If the provided user credentials are NOT a valid Adeptia user, a SOAP Fault message “java.lang.Exception: Not a valid user” is returned.
- Yes
Comments
0 comments
Article is closed for comments.