User Authentication Overview TIBCO API Exchange Gateway supports authentication at two levels, as follows: − Transport Layer This layer supports the authentication mechanism supported by the transport. − Gateway Layer This layer supports the WebServices Security (WSS) authentication. Transport and Protocol Level Authentication When the partner sends a request, the first level authentication of is done at the transport layer. TIBCO API Exchange Gateway supports the following transports for authentication: − HTTP(s) TIBCO API Exchange Gateway uses the Apache HTTP Server for HTTP/HTTPs transport. − JMS TIBCO API Exchange Gateway uses TIBCO Enterprise Message Service for JMS transport. Authentication at Apache HTTP Server For the HTTP/HTTPs transport, the request is created with the header fields in the context message. This request context message becomes part of the RV message using the protocol termination functionality when forwarded to the gateway. The following types of authentication are supported for HTTP/HTTPs transport: − No Authentication: this indicates that the request does not have any user credentials. In this case, the request is processed as an anonymous user. − Basic Authentication: this indicates that the request has the user credentials. In this case, the user is authenticated. − Mutual Authentication using SSL certificates. Refer to the Apache HTTP server documentation to configure the authentication type for the Apache server. Authentication at TIBCO Enterprise Message Service TIBCO API Exchange Gateway provides the authentication mechanism supported by TIBCO Enterprise Message Service for the JMS transport. The request is created with the JMS application header fields in the context message for the JMS transport. The request context message is forwarded to the gateway using the protocol termination functionality.
