Authentication using File-Based Identity Store
Overview of file-based authentication.
TIBCO API Exchange Gateway supports user authentication using the file identity store which can be used for both Basic and UsernameToken authentication. When the client sends the username and password in the HTTP basic authentication header of the request message, you can enforce a Basic authentication policy to authenticate the client’s identity.
For user authentication using the file resource, the user credentials are stored in an XML file accessible by the Core Engine. The XML file contains one-way hashes of salted passwords. The Core Engine uses the credentials stored in an XML file to authenticate the user. To protect the credentials of the users, the file should be access-protected.
If the roles information are provided using the <group-name> tag in the XML file, the SAML assertion generated from a successful authentication contains the roles information. The roles can be used in the authorization policy.
- Configuring User Authentication Policy using File
To configure the user authentication policy using a file resource, follow these steps: