MQSeries.net :: View topic - id/pwd authentication in WMB v6 webservices

MQSeries.net

Tech Exchange

Education

Certifications

Library

Info Center

SupportPacs

FAQÂ Â

Usergroups

RSS Feed - WebSphere MQ Support

RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » id/pwd authentication in WMB v6 webservices

id/pwd authentication in WMB v6 webservices

« View previous topic :: View next topic »

Author

Message

ydsk

Posted: Wed Aug 09, 2006 9:13 am Post subject: id/pwd authentication in WMB v6 webservices

Chevalier

Joined: 23 May 2005
Posts: 410

We are calling an external .NET webservice from within a msgflow using a HTTPRequest node on a Solaris v6 broker.

The webservice needs to authenticate the msgflow so they asked us to send an id/pwd along.

Can we send an id/pwd pair in a HTTP header or elsewhere to the external webservice ?

Any experiences around this area ?

Please post.

Thanks.
ydsk.

ydsk

Posted: Wed Aug 09, 2006 11:11 am Post subject:

Chevalier

Joined: 23 May 2005
Posts: 410

I was told that one of the differences w.r.t dealing with webservices between MB and WAS is that ... WAS supports built-in authentication whereas MB doesn't. So, we need to do round-about ways of passing user-id/pwd like in:

InputRoot.HTTPRequestHeader.UserId = 'SomeUser';
InputRoot.HTTPRequestHeader.Password = 'SomeUser';

The disadvantage is Password will be in plaintext unless you encrypt it.

Can IBM Hursley guys or someone please comment on it ?

This is important and a bit urgent to me.

Thanks.
ydsk.

jefflowrey

Posted: Wed Aug 09, 2006 11:22 am Post subject:

Grand Poobah

Joined: 16 Oct 2002
Posts: 19981

There are webservices standards that specify methods of authenticating the requester.

WAS implements more WS-* standards than Broker does.

Currently. As far as I know.

You haven't really identified if the .NET services are using any of these WS-* standards for security. It's entirely possible that the .NET services have been written in complete ignorance of all the standards for passing authentication, and have implemented their own solution.
_________________
I am *not* the model of the modern major general.

ydsk

Posted: Wed Aug 09, 2006 2:20 pm Post subject:

Chevalier

Joined: 23 May 2005
Posts: 410

Jeff,

The .NET webservice is yet to be built and that won't be done until the msgflows ( webservice clients) are built - i know it sounds very strange but that's our customer so, I won't comment on that part.

Currently the .NET team asked us what WS-security standards the broker supports so they can decide what/how to code their services.

Thanks.

jefflowrey

Posted: Wed Aug 09, 2006 6:09 pm Post subject:

Grand Poobah

Joined: 16 Oct 2002
Posts: 19981

So the entire interface is in flux.

This is good.

I don't know off the top of my head what WS-* standards broker supports. I *believe* that it's only the WS-basic profile.

You should probably open a PMR to get clarification. These things change fairly quickly - especially just after the release of an FP.
_________________
I am *not* the model of the modern major general.

Display posts from previous:

Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » id/pwd authentication in WMB v6 webservices

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Protected by Anti-Spam ACP