Authentication Using Custom Shared Resource
You may use a custom shared resource in an authentication policy to authenticate a request.
The custom shared resource contains a custom login module implemented by the user. The custom shared resource is specified using the ResourceInstance attribute in a policy.
For example, if the custom shared resource CelmAsp is configured in the CelmAsp.properties file, use it as follows in an authentication policy:
<tpa:WssProcessor ResourceInstance="CelmAsp"/>
TIBCO API Exchange Gateway calls the custom login module defined in the CelmAsp.properties file.
Refer to Create Shared Resource Properties File for Custom Authentication for custom shared resource properties.
To use custom shared resource for an authentication, you must complete the following tasks:
- Implement the custom login module. See Implement Custom Login module.
- Package the custom login module. See Packaging the Custom Login Module Jars.
AuthenticationByCelm.policy
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wssp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:tpa="http://xsd.tns.tibco.com/governance/policy/action/2009"> <wsp:All> <wsp:Policy > <tpa:WssProcessor ResourceInstance="CelmAsp"/> </wsp:Policy> <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <tpa:VerifyAuthentication> <tpa:ExactlyOne> <wssp:UsernameToken /> </tpa:ExactlyOne> </tpa:VerifyAuthentication> </wsp:Policy> </wsp:All> </wsp:Policy>