Working with Web Service Authentication (WWSA)

Web service authentication allows you to define which CWSerenade web service endpoints require authentication and the valid web service authentication users for each web service.

In this topic:

• Web Service Authentication Process

• Web Services Eligible for Authentication

• Work with Web Service Authentication Screen

• Work with Web Service Authentication Users Screen

• Add User Window

Web Service Authentication Process

When an external system calls a CWSerenade web service, the web service looks at the Webservice table to determine whether authentication is required.

• If the require_auth field in the Webservice table for the web service is set to Y, the web service requires authentication. In this situation, the system requires you to pass a valid web service authentication user ID and password, as defined in the Webservice Users table, using Basic Authentication.

• If the web service passes basic authentication, the web service continues with regular processing.

• If the web service fails basic authentication, the web service returns an error.

• For SOAP-based web service types, the web service returns a general exception error:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<soapenv:Body>

<soapenv:Fault>

<faultcode>soapenv:Server.generalException</faultcode>

<faultstring>Invalid access</faultstring>

<detail>

<ns1:hostname xmlns:ns1="http://xml.apache.org/axis/">cwserenade-qa2</ns1:hostname>

</detail>

</soapenv:Fault>

</soapenv:Body>

</soapenv:Envelope>

• For RESTful web service types, the web service returns an access not allowed error:

Access not allowed

• If the require_auth field in the Webservice table for the web service is set to N, blank, or null, the web service does not require authentication.

Web Services Eligible for Authentication

You can define web service authentication for the following CWSerenade web services:

• CWCustomer, both SOAP-based and RESTful web service types. This web service is used to process an Inbound Customer Message (CWCustomerIn) received from an external system. See Generic Customer API for more information.

• CWEmailRequest; this web service is available as a SOAP-based web service type only. It is used to process an Email Request Message (CWEmailRequest) received from an external system. See Store Pickup Confirmation Email Program (L48) for more information.

• CWManifest; this web service is available as a SOAP-based web service type only. It is used to process a Manifest Pick Request Message (CWManifestPickRequest) and Manifest Ship Request Message (CWManifestShipRequest) received from an the external system. See PC Manifesting Interface for more information.

• CWMessageIn, both SOAP-based and RESTful web service types. This web service works with any of the integration layer processes set up through Working with Integration Layer Processes (IJCT), including the e-commerce processes (available through the E-Commerce Jobs function at the Work with Integration Layer Process Screen). See Messages Processed By the CWMessageIn Web Service for a list of the messages processed by the CWMessageIn web service and see CWMessageIn Web Service for an overview.

• CWOrderIn, both SOAP-based and RESTful web service types. This web service is used to process an Inbound Order XML Message (CWORDERIN) from an external system. See Generic Order Interface (Order API) for more information.

• CWPickIn, both SOAP-based and RESTful web service types. This web service is used to process a CWPickIn XML Message from an external system. See Generic Pick In API (Shipments, Voids, and Backorders) for more information.

• CWReceiptIn, both SOAP-based and RESTful web service types. This web service is used to process a PO Receipt In XML Message (CWReceiptIn) from an external system. See Purchase Order Receipt In API for more information.

• CWServiceIn, both SOAP-based and RESTful web service types. This web service is used to process the following messages received from an external system:

• Order Transaction History Message (CWOrderTransactionHistory) if its type attribute is CWOrderTransactionHistory. See Generic Order Transaction History API for more information.

• Order Line History In Message (CWOrdLnHstIn) if its type attribute is CWOrdLnHstIn. See Order Line History In API for more information.

• Item Availability Request XML Message (CWItemAvailabilityWeb) if its type attribute is CWItemAvailabilityWeb. See Item Availability API for more information.

• CWProcessIn Message if its type attribute is CWProcessIn. See Using the CWProcessIn Message to Start a Periodic Process for more information.

• PrivateRequest RESTful web service. This web service is used to process a Get Personal Data Request and Forget Personal Data Request from an external system. See the Personal Data API in the Data Secuity and Encryption guide for more information.

Work with Web Service Authentication Screen

Purpose: Use this screen to define which CWSerenade web services require authentication and the valid users and passwords for the web service.

How to display this screen: Enter WWSA in the Fast path field at the top of any menu or select Work with Web Service Authentication from a menu.

Field

Description

Web Service

A CWSerenade web service for which you can require web service authentication. Valid web services are: • CWCustomer • CWEmailRequest • CWManifest • CWMessageIn • CWOrderIn • CWPickIn • CWReceiptIn • CWServiceIn • PrivateRequest Enter a full or partial web service name to display web services that contain your entry. See Web Services Eligible for Authentication for a summary of each web service. Alphanumeric, 50 positions; optional.

Screen Option	Procedure
Configure web service authentication	Select Authentication for a web service to advance to the Work with Web Service Authentication Users Screen.

Work with Web Service Authentication Users Screen

Purpose: Use this screen to configure web service authentication for a web service.

How to display this screen: Select Authentication for a web service on the Work with Web Service Authentication Screen.

Field	Description
Web Service	The web service for which you wish to define authentication. Alphanumeric, 50 positions; display-only.
Required	Indicates whether the web service requires authentication. • Selected = The web service requires basic web service authentication. See Web Service Authentication Process for an overview. • Unselected = The web service does not require basic web service authentication. Note: After you update the required setting for a web service, use Reload System Cache (RCHE) to reset the system cache so that your changes take effect.
User	A valid web service authentication user that can authenticate the web service using Basic Authentication. Enter a full or partial user ID to display users that contain your entry. Alphanumeric, 50 positions; optional.

Screen Option	Procedure
Create a web service authentication user	Select Create to advance to the Add User Window.
Change a web service authentication user	Select Change for a user to advance to the Change User window. You can change only the password. See Add User Window for field descriptions.
Delete a web service authentication user	Select Delete for a user. At the Are you sure you want to delete the web service user? window, select Yes to delete the user; otherwise, select No to cancel. Note: After you delete a web service authentication user, use Reload System Cache (RCHE) to reset the system cache so that your changes take effect.

Add User Window

Purpose: Use this window to create a web service authentication user.

After you update the settings for a web service, use Reload System Cache (RCHE) to reset the system cache so that your changes take effect.

How to display this screen: Select Create on the Work with Web Service Authentication Users Screen.

Field	Description
User	The web service authentication user ID. The case you define for the user ID is not used; for example, user ID SFLYE and sflye are considered the same user ID. Alphanumeric, 50 positions. Add window: required. Change window: display-only.
Password	The password assigned to the web service authentication user. The password you assign to the user must adhere to the following rules: • The password must be greater than 6 positions, • cannot match the user ID, • must contain at least one letter, • must contain at least one number, and • must contain at least one special character. In addition, you can define both upper and lower case letters for the password. For security reasons, the system masks the password on the screen and encrypts the password in the Webservice Users table. Alphanumeric, 50 positions; required.