Configuring the client for basic authentication: specifying the method
Basic authentication (BasicAuth) refers to the user ID and password of a valid user in the registry of the target server. BasicAuth information can be collected in many ways, including through an administrative console prompt, a standard in (Stdin) prompt, or specified in the bindings that prevents user interaction.
Before you begin
Important: There is an important distinction between
Version 5.x and Version 6.0.x and later applications.
The information supports Version 5.x applications only that
are used with WebSphere® Application Server Version 6.0.x and
later. The information does not apply to Version 6.0.x and
later applications.
For more information on BasicAuth authentication, see: BasicAuth authentication method.
About this task
Attention: WebSphere Application
Server supports nonce (randomly generated token) with BasicAuth authentication.
For more information, see Nonce.
Complete the following steps to specify BasicAuth as the authentication method:
Procedure
- Launch an assembly tool. See more information on the assembly tools.
- Switch to the Java™ Platform, Enterprise Edition (Java EE) perspective. Click .
- Click .
- Right-click the application-client.xml file, select .
- Click the WS Extensions tab, which is located at the end of the deployment descriptor editor within the assembly tool.
- Expand the
section.The only valid login configuration choices for a pure client are BasicAuth and Signature.
- Select BasicAuth to authenticate
the client using a user ID and a password. This user ID and password must be specified in the target user registry. The other choice, Signature, attempts to authenticate the client using the certificate used to digitally sign the message.
What to do next
- Configuring the client security bindings using an assembly tool
- Configuring the security bindings on a server acting as a client using the administrative console
After you specify the BasicAuth authentication method, you must specify how to collect the authentication information. See Configuring the client for basic authentication: collecting the authentication information.