I'm curious about security when data is being passed from my network to an offsite WSDL via CastIron. When we initially received the appliance, we had consultants build the first project. I was not involved much, but I have built a couple other integrations that do much of the same thing. In the process, the appliance passes usernames and passwords to WSDLs for authentication to perform the needed tasks.
My question is: How is this done securely? When this is sent, is it just a plain text XML string being passed? I just want to make sure that we are doing the best we can to keep our information's integrity.
Take a look at the endpoint configuration2009-06-15T19:22:26ZThis is the accepted answer. This is the accepted answer.In Cast Iron Studio, open the endpoint for the web service you are calling. The "location" entry defines the URL for the web service. If the location contains https:// then all information passed from the appliance to the web service endpoint you are accessing will be encrypted; if it's http:// the data is not encrypted (you will also see the "HTTPS" radio button selected or unselected in the Security section of the endpoint).
If it turns out it's not encrypted, and you expect it to be, please reply to the thread and we'll contact you to discuss options.