Administration

Securing the Content Engine Web Service

If UsernameToken credentials, which require plaintext credentials for a user name and password, are used with CEWS, it is recommended that you configure your Content Engine server to use Secure Socket Layers (SSL) to protect user credentials. After it is configured, CEWS is able to send its XML SOAP messages by using the secure HTTPS protocol. For more information, see Setting up Content Engine and client transport SSL security

If Kerberos credentials are used with CEWS, it is not necessary to use SSL to protect user credentials. However, SSL might still be desirable if data privacy is required.