Authentication mechanism for integrations
Sterling Order Management System Software supports various ways of authentication mechanism for
integrations. However, for container-based deployments it is recommended to use BASIC or STANDARD
authentication.
For more information about configuring authentication for REST API, see xapirest.properties.
For securing any other servlets, in web.xml configure auth-method to BASIC or
STANDARD and the corresponding security-constraint. For more information about
customizing web.xml, see Customizing web.xml for multiple applications.
Limitation: The CONTAINER authentication mechanism depends on the
principal of the client certificate that is presented for authentication. However, in case of
Kubernetes deployments the client certificate is dropped at the Ingress layer itself, and hence the
client certificates are not propagated to application servers. Therefore, the default Operator does
not support CONTAINER authentication.