Transport and Protocol Level Authentication
When the partner sends a request, the first level authentication is done at the transport layer. TIBCO API Exchange Gateway supports the following transports for authentication:
- HTTPS
TIBCO API Exchange Gateway uses the Apache HTTP Server for HTTP/HTTPs transport.
- JMS
TIBCO API Exchange Gateway uses TIBCO Enterprise Message Service for JMS transport.
Authentication at Apache HTTP Server
For the HTTP/HTTPs transport, the request is created with the header fields in the context message. This request context message becomes part of the RV message using the protocol termination functionality when forwarded to the gateway.
The following types of authentication are supported for HTTP/HTTPs transport:
- No Authentication: indicates that the request does not have any user credentials. In this case, the request is processed as an anonymous user.
- Basic Authentication: indicates that the request has the user credentials. In this case, the user is authenticated.
- Mutual Authentication using SSL certificates.
Authentication at TIBCO Enterprise Message Service
TIBCO API Exchange Gateway provides the authentication mechanism supported by TIBCO Enterprise Message Service for the JMS transport. The request is created with the JMS application header fields in the context message for the JMS transport. The request context message is forwarded to the gateway using the protocol termination functionality.