Administration Guide > Configuring Kerberos Single Sign-On > Using Kerberos Authentication with Published Resources > Configuring New Web Services for Kerberos Authentication
 
Configuring New Web Services for Kerberos Authentication
If you are creating a new REST, SOAP, WSDL, or XML/HTTP data source that needs to use Kerberos authentication, follow the steps in this section.
To implement Kerberos authentication where TDV is the client
1. Configure Kerberos as described in Using Kerberos Authentication with TDV.
2. Create a new Web service for the REST, SOAP, WSDL, or XML/HTTP data source and publish a resource to the new Web service.
For information about publishing Web resources, see “Publishing Resources to a Web Service” in the TDV User Guide.
3. For a REST Web service, follow these steps:
a. Open the REST Web service that you want to configure for Kerberos authentication.
b. Select the REST tab.
c. Set the following Service properties to configure the Web service for Kerberos:
Enabled: true
Enable HTTP Negotiate: true
 
4. For a SOAP or WSDL Web service, follow these steps:
a. Open the SOAP or WSDL Web service that you want to configure for Kerberos authentication.
b. Select the SOAP tab.
c. Set the following Service properties to configure the Web service for Kerberos:
Enabled: true
Security Policy: /policy/security/system/Http-Negotiate-Authentication.xml
 
5. In Studio, create a new REST, SOAP, WSDL, or XML/HTTP data source, specifying the following parameters on the Basic tab.
a. For REST, use the connection parameters shown in the table.
Connection Type
Parameters to Specify
REST
Base URL: URL to access this REST data source using the syntax:
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: not available
Service Principal Name: HTTP@<machine>.<domain>
Method: For the XML/HTTP protocol, under Operations, the specification for HTTP Verb must be POST or GET.
The following figure shows a REST example.
 
b. SOAP connection parameters are shown in the table.
Connection Type
Parameters to Specify
SOAP
URL: <URL to access this SOAP data source>
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: <LDAP domain name>
Service Principal Name: HTTP@<machine>.<domain>
The following shows a SOAP example.
 
c. WSDL connection parameters are shown in the table.
Connection Type
Parameters to Specify
WSDL Connection Information
URL: <URL to access this WSDL>
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: not available
Service Principal Name: HTTP@<machine>.<domain>
The following figure shows a WSDL example.
 
d. XML/HTTP connection parameters are shown in the table.
Connection Type
Parameters to Specify
XML/HTTP Connection Information
URL: <URL to access this WSDL>
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: not available
Service Principal Name: HTTP@<machine>.<domain>
Method: For the XML/HTTP protocol, under Operations, the specification for HTTP Verb must be POST or GET.
The following figure shows an XML/HTTP example.
 
6. Verify that the connection works:
a. Introspect the REST, SOAP, or WSDL data source.
b. Open the Web service operation and run it.