What is Basic Auth?
For a HTTP transaction, a method to pass the credentials in the form of username and password in the request header (encrypted) is considered to be Basic Authentication.
DataPower integration appliance supports SSL (Mutual Auth & Server Auth) as well as Basic Auth mechanism. The basic-auth header injection can be configured via a User Agent (Objects à Network Settings à User Agent). DataPower user agents provide additional interactions and customizations to the outbound requests. The user agent selection is part of an XML Manager configuration. Every service references a default XML manager and user agent when created. It is recommended that if any of these are to be changed, it is better to create a new XML Manager as well as new User Agent, so as not to affect the other services using the default ones.
In a WSP, the Proxy Settings tab holds the XML Manager field. For any WSP, a new XML Manager can be created and assigned using drop-down. Each XML Manager can be configured with specific User Agent and this is configured at the bottom of the Main tab.
The user agent panel has many tabs across the top. To setup Basic Auth, click on the Basic-Auth Policy tab. It has a URL matching expression used to determine when each entry is applied and it has Username and Password fields.
It is good that DataPower integration appliance supports SSL as I feel that all authentication data need to be secure although the level of security may vary.
ReplyDeleteelectronic signatures
can AAA used for signature verification in WSP ?
ReplyDeleteYes we can use AAA to validate the signature of the client in WSP
ReplyDeleteGood Explanation Pritam !.This is Govardhan :-)
ReplyDelete