SOAP server security
User IDs that require access to the SOAP Server, including user IDs that issue commands that invoke SOAP methods, must be authenticated through the hub monitoring server. If user authentication is not enabled on the hub monitoring server, anyone can make requests to the SOAP Server. If user authentication is enabled on the hub, the SOAP Server honors requests only from user IDs and passwords authenticated by the local or external registry. If type of access is specified for specific users, requests from only those users for which access is specified are honored.
- You can control who is permitted to make requests by enabling
user authentication on the hub monitoring server.
If user authentication is not enabled, the SOAP server honors all requests regardless of the sender. If user authentication is enabled on the hub monitoring server, the SOAP server honors requests only from users defined to the operating system or security authorization facility of the host of the monitoring server.
- You can control what type of requests users are permitted
to make by configuring the SOAP server. Important: If you specify a specific type of access for any users, the SOAP server honors requests only from those users, regardless of whether or not authentication is enabled.
User authentication is enabled by setting the KDS_TEMS_SECURITY_KDS_VALIDATE in the LPAR configuration profile to Y.