Authenticating web service requests for security by using XML

Every time that you make a request to the web services, you must pass in an IBM® Content Manager user ID and password, or a WebSphere® credential token associated with an IBM Content Manager user.

If a user does not have the privilege to perform the specific request, then the request is not processed and an error is returned in the SOAP reply. For example, if a user wants to change an insurance policy but has view privileges only, the user cannot change the policy.

Important: By default, the user ID and password passed in the web services request are not encrypted. If all of the web services requests are being processed within the firewall, unencrypted IDs and passwords might not be a problem. However, if the client is outside the firewall, use SSL to send your SOAP requests.

To authenticate your web service requests, create an <AuthenticationData> element. You must then include this object in every request.

<AuthenticationData connectString="string" 
  configString="string" 
[ connectToWorkflow="boolean" ] >
  <ServerDef>
    <ServerName>string</ServerName>
  [ <ServerType>ICM</ServerType> ]
  </ServerDef>
  <!-- You can specify either a user ID/password or a WebSphere SSO credential: -->
  <LoginData>
    <UserID>string</UserID>
    <Password>string</Password>
    <!-- or --> <Credential>base64Binary</Credential>
  </LoginData>
</AuthenticationData>

<AuthenticationData> elements

<ServerDef> (required): Identifies your content server's <ServerName> (for example, concord) and an optional <ServerType> (the default is ICM).
<LoginData> (required): Authenticates the user by using either their user ID and password or a WebSphere SSO credential.

<AuthenticationData> attributes

connectString (optional): Passes a server-specific property (beyond user ID and password) to establish a connection to the server. When sending requests to the CMBXMLServices bean directly, always specify SCHEMA=user ID where user ID is the schema of the IBM Content Manager database that you are connecting to; this is usually ICMADMIN.
configString (optional): Passes a CMBConnection property value to help construct a dkDatastore instance.
connectToWorkflow (optional): Toggles an option to connect to the workflow server. The default is TRUE.