Transport and Protocol Level Authentication

When the partner sends a request, the first level authentication is done at the transport layer. TIBCO API Exchange Gateway supports the following transports for authentication:

  • HTTPS

    TIBCO API Exchange Gateway uses the Apache HTTP Server for HTTP/HTTPs transport.

  • JMS

    TIBCO API Exchange Gateway uses TIBCO Enterprise Message Service for JMS transport.

Authentication at Apache HTTP Server

For the HTTP/HTTPs transport, the request is created with the header fields in the context message. This request context message becomes part of the RV message using the protocol termination functionality when forwarded to the gateway.

The following types of authentication are supported for HTTP/HTTPs transport:

  • No Authentication: indicates that the request does not have any user credentials. In this case, the request is processed as an anonymous user.
  • Basic Authentication: indicates that the request has the user credentials. In this case, the user is authenticated.
  • Mutual Authentication using SSL certificates.
Note: Refer to the Apache HTTP server documentation to configure the authentication type for the Apache server.

Authentication at TIBCO Enterprise Message Service

TIBCO API Exchange Gateway provides the authentication mechanism supported by TIBCO Enterprise Message Service for the JMS transport. The request is created with the JMS application header fields in the context message for the JMS transport. The request context message is forwarded to the gateway using the protocol termination functionality.