PAPI Web Service Security Authentication

This section describes the different types of authentication mechanisms that PAPI Web Service supports.

You can independently enable or disable any of these authentication mechanisms.

When PAPI Web Service starts running it activates the authentication providers that correspond to the enabled authentication mechanisms.

Every time a client makes a request to PAPI Web Service, this request goes through an authentication phase before reaching the service endpoint. During this phase the activated authentication providers will be called in the order they appear in the preceding list. When one of these providers succesfully authenticates the request the application grants access to the web service. If all the activated providers reject acess, the request is rejected.

• Configuring Single Sign On Authentication
  Papi Web Service can use a custom Single Sign On (SSO) implementation to authenticate the client. These following procedures show you how to configure SSO Authentication for PAPI Web Service.
• Configuring Username Token Profile
  PAPI Web Service can use Web Services Security Username Token Profile to authenticate the client. The following procedures show you how to configure Username Token Profile for PAPI Web Service.
• Configuring HTTP Basic Authentication
  PAPI Web Service can use HTTP Basic authentication to authenticate the client. The following procedures show you how to configure HTTP Basic authentication for PAPI Web Service.
• Configuring PRESET Authentication
  A PRESET is a set of properties that you can define in a directory.xml file for different purposes. This mechanism of authentication is only available for Enterprise installations. The following procedures shows you how configure PRESET authentication for PAPI Web Service.