Home | Printable Version
3.4: Remote Service Security
You can supply security information for remote services that require http-based authentication using the optional security element within the HttpHeader fragment. WebMaker parses this fragment negotiates the security steps for the requested service. This feature utilises the Apache Http Client security module and it is this module that will determine how to apply the supplied security credentials based on remote service responses.
<?xml version="1.0" encoding="UTF-8"?>
<xg:HttpHeader xmlns="http://www.hyfinity.com/xgate" xmlns:xg="http://www.hyfinity.com/xgate">
    <xg:security preemptive="true">
        <xg:realm>authenticatingRealmOrDomainName</xg:realm>
        <xg:host>hostNameRequiringAuthentication</xg:host>
        <xg:port>portOnHostRequiringAuthentication</xg:port>
        <xg:username>String</xg:username>
        <xg:password>String</xg:password>
        <xg:client>nameOfClientRequestingAuthentication</xg:client>
    </xg:security>
</xg:HttpHeader>
@preemptive - This boolean attribute determines whether WebMaker should pre-compose the necessary security tokens before first invocation of the service or wait until a service has responded after first invocation, providing details of how to construct the security token. This is useful when certain secure services degrade to a lower access level when security credentials are missing. For example, some services may assume guest access if credentials are missing, thus never returning an HTTP 401 code to indicate the need for authentication. This is generally only applicable to BASIC authentication schemes. realm - Name of the realm or NT domain. host - Name of the host requesting authentication. port - The port number on the host requesting authentication. username - Username. password - Password. client - Name of the client machine requesting authentication.
Depending on the type of authentication required you may not need to provide all of these settings. For example, if using BASIC authentication then only the username and password should be required.
REST Services Web Service Proxy Configuration