Authentication
Authentication is a process of identifying the credential of the user who sent the request. A user requires proof of identity before establishing trust with the server.
- Basic
The credential used for authentication is obtained from the HTTP authorization header in the form of username and password. The username and password are authenticated against an LDAP authentication provider.
- Username Token
The credential used for authentication is the usernameToken obtained from the security header of the SOAP message. The username and password from the usernameToken are authenticated against an LDAP authentication provider.
- Security Assertion Markup Language (SAML)
The credential used for authentication is the SAML assertion derived from the security header of the SOAP message. The SAML assertion is authenticated using an identity service provider.
- X509
The credential used for authentication is the X509 certificate from the security header of the SOAP message. To use the X509 authentication , the SOAP message must be sent using X509 token profile. The SAML assertion is authenticated using an identity service provider.
- Kerberos (SPNEGO)
The credential is an authentication protocol for client-server applications. SPENGO provides a mechanism for extending Kerberos to web application using the standard HTTP protocol.
- SiteMinder
The credential provides policy-based authentication and single sign-on for all web-based applications. This can be used along with IdentityMinder that manages user profiles, and TransactionMinder that provides access to web services.