+

Search Tips   |   Advanced Search

Security considerations for WSRP services


When we use WSRP with the portal, we can configure security and provide authentication using different authentication mechanisms.

We can choose between using Web Services Security (WS-Security) or SSL:

  1. For both Producer and Consumer portals:

    1. We can use both security configurations independently on the portal, providing security by both WS-Security and SSL client certificate authentication. For more detailed information refer to the URL given in the Related section.

    2. If we use the portal as both a Producer and a Consumer portal, the security configurations for both these roles are independent of each other.

  2. For Producer portals:

    1. For a Producer portal, security for WSRP services is optional. Configure it if required, but you do not have to provide security.

    2. When you configure WSRP security for a Producer portal by one of these options, you also need to configure Portal Access Control for that Producer portal and give the users of the Consumer portal access permissions.

    3. To allow a Consumer portal configured for SSL client certificate authentication to be able to consume the WSRP services, configure at least SSL for the Producer portal, but not necessarily client certificate authentication.

  3. For Consumer portals:

    1. For a Consumer portal, provide the same security setup for WSRP as the Producer portal from which you consume WSRP services.

    2. On the Consumer portal, the WSRP services that are consumed as remote portlets behave like local portlets. Therefore we can configure Portal Access Control for the WSRP services on the Consumer portal the same way as for local portlets.
When you configure security between the WSRP portals by one of these options, you also need to configure Portal Access Control and assign access rights for the Consumer portal users on the Producer portal. If you do not use either of these two authentication methods, the Producer portal assumes the anonymous user.

Assigning access rights: The Producer needs to assign access rights on the Producer portal based on the authentication information as follows:

For more details and considerations about Portal Access Control, refer to the sections about Configuring security and Managing access, users, and groups.

By default Portal Access Control is enabled for the Producer portal. The section about Disabling and Enabling Portal Access Control for the Producer portal shows you how to disable and enable Portal Access Control on the Producer portal. If you disable Portal Access Control, WSRP does not perform a security check at all.


Parent: Plan for WSRP
Related:
Work with WSRP in the portal
Communication between Producer and Consumer portals
Cookie support