Topic
4 replies Latest Post - ‏2013-02-05T13:56:13Z by SystemAdmin
SystemAdmin
SystemAdmin
7615 Posts
ACCEPTED ANSWER

Pinned topic Dynamic authentication for web services

‏2013-01-28T16:38:46Z |
Hi,
I need to call a secured web service with the logged user (username / token).

In property tab security I put as username <#tw.system.user_loginName#>.
Wich field should I use to populate the password field with the one of the current user? (see attachment)
If not possible are there any way to call a secured WS with the current logged user.

By the way does somebody know if LTPA propagation is possible?

Product: IBM BPM standard 8.0.1 on Win 64
Updated on 2013-02-05T13:56:13Z at 2013-02-05T13:56:13Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    7615 Posts
    ACCEPTED ANSWER

    Re: Dynamic authentication for web services

    ‏2013-01-28T17:44:53Z  in response to SystemAdmin
    I think these might get you started -

    http://pic.dhe.ibm.com/infocenter/dmndhelp/v8r0m1/topic/com.ibm.wbpm.mon.admin.doc/sec/ltpa_cfg.html?resultof=%22%4c%54%50%41%22%20%22%6c%74%70%61%22%20

    http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/topic/com.ibm.websphere.express.doc/info/exp/ae/twbs_sca_wsbind_auth_ltpa.html?resultof=%22%4c%54%50%41%22%20%22%6c%74%70%61%22%20%22%77%65%62%22%20%22%73%65%72%76%69%63%65%22%20%22%73%65%72%76%69%63%22%20

    Andrew Paier | Director of Special Operations | BP3 Global, Inc. www.bp-3.com
    • SystemAdmin
      SystemAdmin
      7615 Posts
      ACCEPTED ANSWER

      Re: Dynamic authentication for web services

      ‏2013-01-29T09:40:31Z  in response to SystemAdmin
      Hi Andrew and thanks for your answer.

      I would have liked to apply LTPA policies on my WS client.
      However, as far as I can see, the WS client "defined" in Process Designer is not exposed as a WS client in the WAS console. I'm not an IBM BPM expert but seems to me the WS call is somehow hidden and called within the ex. Lombardi engine.
      • SystemAdmin
        SystemAdmin
        7615 Posts
        ACCEPTED ANSWER

        Re: Dynamic authentication for web services

        ‏2013-01-29T16:55:13Z  in response to SystemAdmin
        I think in order to leverage the LTPA token you would have to be running advanced, although to be honest I've never done this so I'm just guessing at this point.

        Andrew Paier | Director of Special Operations | BP3 Global, Inc. www.bp-3.com
        • SystemAdmin
          SystemAdmin
          7615 Posts
          ACCEPTED ANSWER

          Re: Dynamic authentication for web services

          ‏2013-02-05T13:56:13Z  in response to SystemAdmin
          Yes it is possible using Webservices in IID and advanced services in BPM. The WS client is then exposed in the WAS console where we can set an LTPA policy set / binding, then the token is propagated to the service provider.