Username and password authentication for SOAP web service

Support
1

Hello,

I have created a SOAP web service with Linx. I am using transport security. I am able to consume the web service from SoapUI.

Now I would like to add username and password authentication. I have setup a user in Linx, and I have granted them access to my web service. However, I am unclear as to how to require the authentication.

Is this http basic authentication, or is it at the WS level? When I go to SoapUI, the client is still able to post the message without providing any credentials.

Is there a config file somewhere such as web.config? Do I need to add something to my WSDL for this to happen?

Can you steer me in the right direction for using username and password authentication with my SOAP web service?

Many thanks!

2

We only support X509 certificates over http when using Message security so the username and password mechanism is not currently available. Let me know if you would like us to build it in.

3

So username and password is not available for the transport security option with https?

I guess I am wondering what the user setup is for? (Create user, define role, check box for web service access.)

I would like to be able to use username and password authentication with https (transport security.)

Many thanks!

4

At 5:38 in this YouTube video, the presenter shows how to put a username and password in the URL for his web service.

Can this be done for a SOAP web service? Or is the username and password security only available for a REST web service?

I am just trying to find a way to publish my SOAP web service with https in such a way that there will be some kind of authentication involved. I don’t want anyone in the world to be able to consume my web service without being authorized. Is this possible?

Many thanks!

5

The video refers to exposing a Linx Process as a REST web service. This is the easiest way to expose a web service in Linx but it has the following limitations:

  • It runs over https on the same port as Linx Server.
  • It only uses REST.
  • The request and response formats are fixed.
  • Authentication is only provided by Linx Server by way of the usernames and passwords you provide in the Linx Server administration interface.

Walkthrough of exposing a Linx Process as a REST web service

1. Create a Linx Process and expose it as a web service

helloworld.png496×630 17.6 KB

2. Upload it to Linx Server

3. Create the users that you want to allow access to

adduser.png810×592 55.4 KB

4. Follow the video on calling the web service by passing username, password and parameters.

Creating stand-alone web services with Linx

We can create web services with Linx without the limitations imposed by just exposing a Linx Process as a web service. Create them by creating a service in a Linx Solution.

Pros

  1. Can be SOAP or REST.
  2. Not linked to Linx Server security.
  3. Can use any port.
  4. Can have any request or response format.
  5. Can use different security mechanisms.

Cons

  • Requires a wsdl or swagger definition.
  • Username/password and OAuth style security are not currently supported.