Search Tips   |   Advanced Search

Configuring WSRP Producer ports for Web Service Security on the Consumer portal

We can configure each WSRP port of a particular Producer definition for web service security by using LTPA or username tokens.

If you configure web service security for a Producer port, the WSRP Consumer creates a WS-Security-compliant header. The header contains a security token. When the Producer receives a WSRP request message that contains a WS-Security header, it processes the request under the user identity that is represented by the security token and performs access control for provided portlets.

HCL Portal v8.5 provides three security token types for the most common scenarios. The following list describes these scenarios. In a default portal installation, none of the Producer ports is configured for message authentication or a token type. If your setup does not require security, you do not need to configure the Producer ports.

We can set the token types by either of the following two ways:

The WSRP Consumer provides a token of the selected type in the WS-Security header of WSRP request messages that are sent to the appropriate Producer port. No further security mechanism, such as message integrity or message confidentiality, is used. If you plan a more complex service configuration or if you plan to use another token type, read Configuring WSRP web service clients.

The token types correspond to the default WSRP policy sets and provider policy bindings that are available for the configuration of Producers. The tokens are also compatible to a corresponding HCL Portal Version 7 or 8 Producer security configuration.