How Do I Set Up Authorization for a Deployed Service? (Magic xpa 3.x)

For any service you are deploying, you have the capability to allow only specific users access to the service. This is done in three steps:

• First, you must define the users.

• Second, you must define which users have access to the Web service.

• Third, you must define which authentication method will be required to access the service.

These steps are explained below.

Defining the User and Password

1. Open the Systinet console.

2. Select Security->Database of Identities on the tree to the left.

3. You will see a list of existing users on the right. Click the Add User button below the table.

4. You will get a box prompting you for a user name. Enter the name, and click Add User.

5. Now you will see the new user on the user table. You can use the buttons to the right of each user id to manage this user.

6. To set the password, first click the button.

7. A list of properties for this user will appear. Click the Add property button.
   
   

8. You will see a list of properties. One of them is password. Click on the to the right of the password property.

9. You will be prompted to enter the new password, and to confirm it. Then click the Enter property button.

Allowing the User Access to the Service

Now, you need to change the service to be authenticated and define the user as allowed to consume it.

1. Select Web Services from the tree on the left.

2. Select the service you want to work with.

3. Select Set endpoint method ACL on the right, in the Security section.

4. Each operation will be shown in a separate line on the table. Click Set ACL to set authentication for each operation.

When you click Set ACL, another window will appear, with a list of users and what rights they have. Clicking grant will give them access; clicking revoke will revoke access.

Defining the Service Authentication method

Last, you need to define this service as Authorized.

1. Select Web Services from the tree on the left.

2. Select the service you want to work with.

3. From the Security section, click on Set endpoint security.

4. You will then be on the Authentication and Authorization page. Select the Authorization required check box. Check whatever security providers you want to accept. Then click Save Changes.

That is all that is needed on the provider’s side. If you are accessing this Web service, you will need to provide the authentication that was specified here. How to do this is explained in How Do I Securely Access a Web Service?.