1.3 Authentication and Identification

Aegis web service calls must authenticate to a BSL and optionally identify an Aegis Server to handle the request. If the BSL is using Windows authentication, the BSL authenticates the caller’s Windows credentials through the WindowsRestful web service URL and ignores any credentials included in the web services call. If an impersonation entry exists for an adapter, calling the adapter will authenticate with the impersonation credentials instead of Windows authentication or credentials included with the web services call.

If the BSL is not using Windows authentication, and no impersonation entry exists for the requested adapter, each web service call supports the following three groups of parameters for authentication and identification:

  • Parameters userName and password authenticate the call to an Aegis BSL and its primary Aegis Server

  • Parameters hostName and portNumber identify a BSL secondary Aegis Server to handle the call

  • Parameter sessionID, returned from a successful login call, represents a session with a BSL primary Aegis Server for subsequent web service calls

1.3.1 BSL Authentication

All web service calls require BSL authentication, either the userName/password pair or a sessionID.

A client that makes single, infrequent web service calls can authenticate each call separately. Otherwise, a client can issue a login call and use the sessionID returned in the response body as authentication for subsequent calls.

By default, BSL authentication includes authentication to the BSL primary Aegis Server. A client can use userName and password with hostName and portNumber to identify and authenticate to the BSL and a secondary Aegis Server.

The following table summarizes the BSL authentication parameters.

| Parameter | Description |
|-----------|-------------|
| userName | REQUIRED. User name for authentication to the Aegis BSL. |
| password | REQUIRED. Password for authentication to the Aegis BSL. |

1.3.2 Aegis Server Identification

By default, the BSL authenticates and directs web service calls to the primary Aegis Server as specified in the BSL configuration file. If the client must call a secondary Aegis Server, the call must include Aegis Server identification parameters. The BSL uses the Aegis Server identification parameters to authenticate and direct a web service call to a secondary Aegis Server.

A client can use the following combinations of Aegis Server identification parameters on web service calls:

  • The hostName and portNumber parameters with the userName and password parameters authenticate to the BSL and specified Aegis Server. The BSL directs the call to the specified server.

  • The hostName and portNumber parameters with the sessionID parameter authenticate to the specified Aegis Server using the credentials from the sessionID parameter. The BSL directs the call to the specified server.

    NOTE: The sessionID parameter alone always directs the call to the BSL primary Aegis Server.

  • The hostName and portNumber parameters on a login call authenticate to the BSL and to the specified Aegis Server. The login call returns an error if the hostName and portNumber do not identify an Aegis Server under the BSL.

The following table summarizes the Aegis Server identification parameters.

| Parameter | Description |
|-----------|-------------|
| hostName | OPTIONAL. Aegis Server host name. |
| portNumber | OPTIONAL. Port number where the Aegis Server listens for requests. |

1.3.3 Session Identifier

A successful login call returns session identifier parameter sessionID in its response body. The sessionID parameter represents an open session between the client and the BSL primary Aegis Server. A client can use the session identifier for subsequent web service calls to the primary Aegis Server.

To redirect a call from the primary Aegis Server to a secondary also under the BSL, the call must include the hostName and portNumber parameters with the sessionID to identify and authenticate to the Aegis Server.

A client can include the hostName and portNumber parameters on a login call to authenticate to the BSL and a secondary Aegis Server. The login call returns an error if the Aegis Server is not available under the BSL.

NOTE: Regardless of which Aegis Server the client specifies on the login command, the sessionID returned in the response body always identifies the BSL primary Aegis Server.

The sessionID parameter has a 24-hour time lease that is renewed each time the client uses it. The sessionID parameter is also good for either web service. That is, a client can use the sessionID returned by an Integration web service login call to send either Integration or IQConnect web service calls.
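The precedence rules of sections 1.3 through 1.3.3 can be written as one decision function, useful when auditing which credentials actually take effect for a call. This is an added example, not Aegis code: the names resolve_call and lease_valid are hypothetical, and the assumptions it makes where the text is silent are marked in comments.

```python
from datetime import timedelta

LEASE = timedelta(hours=24)  # sessionID lease length stated in 1.3.3


def resolve_call(params, windows_auth=False, impersonation=False):
    """Return (credential_source, target_server) for one web service call.

    params holds the call parameters; windows_auth and impersonation
    describe the BSL configuration for the requested adapter.
    """
    has_host = "hostName" in params
    has_port = "portNumber" in params
    if has_host != has_port:
        # Assumption: the text only ever uses the two parameters together.
        raise ValueError("hostName and portNumber must be supplied together")
    # Assumption: server selection works the same under every auth mode.
    target = "secondary" if has_host else "primary"

    # BSL-side settings override any credentials carried in the call.
    if impersonation:
        return "impersonation", target
    if windows_auth:
        return "windows", target

    has_pair = "userName" in params and "password" in params
    has_session = "sessionID" in params
    if has_pair and has_session:
        # Assumption: the text does not define this case, so refuse it.
        raise ValueError("send userName/password or sessionID, not both")
    if has_pair:
        return "userName/password", target
    if has_session:
        return "sessionID", target
    raise ValueError("no BSL authentication parameters in call")


def lease_valid(last_used, now):
    """True while the lease, renewed on each use, has not run out.

    Assumption: the lease ends exactly 24 hours after the last use.
    """
    return now - last_used < LEASE
```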