Enforcing Basic Authentication

Implement the Basic Authentication policy to ensure user credentials in request messages are authenticated.

First, set up a new Basic Authentication policy by creating and configuring the policy and its resources. Next, associate the policy with an activity or binding in your application.

Setting Up a Policy with Resources

Follow these steps to set a new Basic Authentication policy with resources:
  1. In the Project Explorer, right-click the Policies folder and select New > Policy.

    The Policy Wizard opens.



  2. Specify the following values in the Create New Policy Window:
    • Policy Folder: Name of the folder where policies will be located. defualt
    • Package: Name of the package in the module where the new policy is added. Accept the default package, or browse to select a different package name.
    • Policy Name: Name of the new policy. By default, the policy name is configured to match the security policy you choose. For example, if you select the Basic Authentication policy, the default name of the policy is Basic Authentication.
  3. Under Select the type of Policy, click Basic Authentication.
  4. From the Policy Defaults drop-down menu, select one of the following options:
    Note: The Policy Defaults menu offers a list of commonly used policy configurations to choose from. After you select a Policy Default, a policy with preconfigured settings and related resources is created. If resources already exist in the module, the newly created policy automatically refers them. However, if no resources exist, new resources with default settings are created and referred to by the policy. To view policy configurations and new resources that might be created, see the Default description at the bottom of the Policy Wizard .
    • Username/Password in workspace XML file: Select this option to verify user credentials through an XML Authentication resource stored in your workspace. A new Basic Authentication policy configured for XML authentication and the following resources are produced in your workspace:
      • A sample XML File containing user name and password credentials with the default file name XMLUsers.xml
      • A new XML Authentication resource with the default file name BasicAuthentication_AuthenticationProvider.authxml
    • Username/Password in filesystem XML file: Select this option to verify user credentials through an XML Authentication resource stored in your local file system. A new Basic Authentication policy configured for XML authentication is produced in your workspace:
      • A sample filesystem XML File the default file name BasicAuthentication_AuthenticationProvider.authxml
    • Username/Password in LDAP: Select this option to verify user credentials through an LDAP Authentication resource. A new Basic Authentication policy configured for LDAP authentication and the following resource is produced in your workspace:
      • A new LDAP Authentication resource with the default file name BasicAuthentication_AuthenticationProvider.ldapResource.
    • Empty Policy (No Default) : Select this option to create a new Basic Authentication policy with no preselected options and no resources.
  5. Optional. Select Always create new shared resources to ensure new resources are generated for the policy and referred to by the policy.
  6. Optional. Select Create module properties for common fields to override default properties in newly created resources with module properties. Resources with module properties for common fields are generated after you select this option.
  7. Select Finish to create the policy.

Configuring Resources and the Policy

For resource configurations, see the following topics under the "Shared Resources" topic in the TIBCO ActiveMatrix BusinessWorks™ Bindings and Palettes Reference guide.
  • XML Authentication
  • LDAP Authentication

For policy configuration details, see the topic "Basic Authentication", under "Policy Resources" in the TIBCO ActiveMatrix BusinessWorks™ Bindings and Palettes Reference guide.

Associating the Policy with an Activity or a Binding

You can associate the Basic Authentication policy with the following activities and bindings:
  • HTTP Receiver Activity
  • Wait for HTTP Request Activity
    Note: Credentials authenticated on this activity are not used for propagation during credential mapping.
  • SOAP Service Binding
  • REST Service Binding

For instructions about how to enforce a policy on an activity, or a binding in your application, see Associating Policies topic.