Administration Guide > Configuring Kerberos Single Sign-On > Using Kerberos Authentication with Published Resources > Configuring New Web Services for Kerberos Authentication
 
Configuring New Web Services for Kerberos Authentication
If you are creating a new REST, SOAP, WSDL, or XML/HTTP data source that needs to use Kerberos authentication, follow the steps in this section.
Follow these steps to implement Kerberos authentication where TDV is the client:
1. Configure Kerberos as described in Using Kerberos Authentication with TDV.
2. Create a new Web service for the REST, SOAP, WSDL, or XML/HTTP data source and publish a resource to the new Web service.
For information about publishing Web resources, see “Publishing Resources to a Web Service” in the TDV User Guide.
3. For a REST Web service, follow these steps:
a. Open the REST Web service that you want to configure for Kerberos authentication.
b. Select the REST tab.
c. Set the following Service properties to configure the Web service for Kerberos:
Enabled: true
Enable HTTP Negotiate: true
 
4. For a SOAP or WSDL Web service, follow these steps:
a. Open the SOAP or WSDL Web service that you want to configure for Kerberos authentication.
b. Select the SOAP tab.
c. Set the following Service properties to configure the Web service for Kerberos:
Enabled: true
Security Policy: /policy/security/system/Http-Negotiate-Authentication.xml
 
5. In Studio, create a new REST, SOAP, WSDL, or XML/HTTP data source, specifying the following parameters on the Basic tab.
a. REST connection parameters are shown in the following table:
Connection Type
Parameters to Specify
REST
Base URL: URL to access this REST data source using the syntax:
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: not available
Service Principal Name: HTTP@<machine>.<domain>
Method: For the XML/HTTP protocol, under Operations, the specification for HTTP Verb must be POST or GET.
 
b. SOAP connection parameters are shown in the following table:
Connection Type
Parameters to Specify
SOAP
URL: <URL to access this SOAP data source>
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: <LDAP domain name>
Service Principal Name: HTTP@<machine>.<domain>
 
c. WSDL connection parameters are shown in the following table:
Connection Type
Parameters to Specify
WSDL Connection Information
URL: <URL to access this WSDL>
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: not available
Service Principal Name: HTTP@<machine>.<domain>
 
d. XML/HTTP connection parameters are shown in the following table:
Connection Type
Parameters to Specify
XML/HTTP Connection Information
URL: <URL to access this WSDL>
Login: <LDAP login for this domain>
Password: <LDAP password for this domain>
Pass-through Login: Disabled
Authentication: NEGOTIATE
Domain: not available
Service Principal Name: HTTP@<machine>.<domain>
Method: For the XML/HTTP protocol, under Operations, the specification for HTTP Verb must be POST or GET.
 
6. Verify that the connection works:
a. Introspect the REST, SOAP, or WSDL data source.
b. Open the Web service operation and run it.