Adding security to Business Process Choreographer web services applications
The Business Process Choreographer web service requires
that you configure your client application for an authentication mechanism.
About this task
Topic scope: This topic applies
to the following Business Process Choreographer web services interfaces:
- HTTP transport layer
- JMS transport layer
By default, Business Process Choreographer supports
the following authentication mechanisms:
- Username Token
- A web service consumer supplies a Username token as a means of identifying the requester by "username", and optionally using a password to authenticate that identity to the web service provider.
- Binary Security Token - Lightweight Third-Party Authentication (LTPA) Token
- A web service consumer supplies an LTPA token as a means of authenticating the requester to the web service provider.
You can replace the Business Process Choreographer web service security policy by an alternative authentication mechanism. However, it is not possible to invoke Business Process Choreographer web service operations as an unauthenticated user, so one authentication mechanism is always required.
If you use the JMS transport layer,
your client needs additional authentication to put a message on the
JMS queue. To set up this authentication, you must provide the appropriate
policy sets, bindings, and attachments for JMS transport in the META-INF directory
of your application. The following example policy sets, bindings,
and attachments are provided in the ProcessChoreographer/client directory
of your IBM® Business Automation
Workflow
installation:
- BPCJMSAPIClientBinding.zip
- BPCJMSAPIPolicySet.zip
- clientPolicyAttachments.xml
- wsPolicyClientControl.xml
This topic only applies to BAW, and is located in the BAW repository. Last updated on 2025-03-13 12:15