Datacap Web Services authentication

The Datacap Web Services authenticates with the Datacap Server by using a configured user in the Application Manager or by calling the \Session\Logon endpoint and providing the credentials. When you use the Application Manager configured user, all authentication methods are supported. When you use the \Session\Logon endpoint, the TMA, ADLDS, and LLLDAP authentication methods are supported.

The Datacap Web Services configured user, password, and station information is retrieved from the Application Manager for authentication. Configure the Application Manager Custom values settings with the name and value pair for the user, password, and station authentication. Datacap Web Services uses settings in the c:\Datacap\wTM\web.config file to determine the names of the keys that are stored in the Application Manager from which the user name, password, and station information is retrieved. You must set up the wTMUser, wTMPassword, and wTMStation name and value pairs in the Application Manager that is based on your authentication method. The web.config file contains the following lines that identify the names of the keys.

<setting name="pathUser" serializeAs="String">
    <value>values/gen/wTMUser</value>
</setting>
<setting name="pathPassword" serializeAs="String">
    <value>values/adv/wTMPassword</value>
</setting>
<setting name="pathStation" serializeAs="String">
    <value>values/gen/wTMStation</value>
</setting>

When you are using the Application Manager configured user, Datacap Web Services authenticates with the Datacap Server when each endpoint is called. Each time an endpoint is called, Datacap Web Services sends a request to the Datacap Server to log in the user, then processes the endpoint action, and logs off the user.

When you are using the \Session\Logon endpoint, a user session is persisted for subsequent calls to reduce the number of calls to the Datacap Server. When the user is logged in, the session between Datacap Web Services and the Datacap Server continues throughout all subsequent endpoints until the \Session\Logoff endpoint is called or the session expires.

To avoid unauthorized user access when you use the \Session\Logon endpoint, ensure that a user is not configured in the Application Manager. If you are using ADSI or LDAP for your application, configure a separate instance of the Datacap Server for Datacap Web Services to use the TMA, ADLDS, or LLLDAP authentication method.