Adding a WSDL or SOAP Data Source
This section describes how to add a WSDL or SOAP data source. Redefining existing WSDL data sources as SOAP data sources might increase your success in integrating those data sources with TDV and other client applications.
For more information on adding data sources, Refer the User Guide, section Adding a Data Source.
Refer the User Guide, Chapter Retrieving Data Source Metadata for how to introspect a data source.
To add a WSDL or SOAP data source
| 1. | Select WSDL or SOAP as the data source adapter and click Next. |
| 2. | For Name, enter a name for your data source. |
| 3. | On the Basic tab, provide this information for a data source. |
|
Field |
Description |
|
URL |
URL to the WSDL or SOAP data source. WSDLs can be available by URL over any accessible network. A locally mapped WSDL can be introspected using a URL format like the following: file:///Z:/test.wsdl |
|
Login |
Optionally, provide a valid username to the data source. |
|
Password |
Optionally, provide a password to the data source. |
|
This check box is enabled only if Pass-through Login is enabled. Refer the User Guide, Section About Pass-Through Login for more information. |
|
|
Disabled—The default setting. This allows automated provisioning of a connection pool. If Pass-through Login is disabled, the Save Password check box is not available. Enabled—A new connection to the data source uses the credentials supplied by the client when data is requested from that data source for the first time. If Pass-through Login is enabled, the Save Password check box becomes available. Refer the User Guide, Chapter About Pass-Through Login for more information. |
|
|
Choose the method of authentication for this data source: BASIC, NTLM, or NEGOTIATE, OAuth, Digest. When selecting OAuth as the authentication mode, another tab will display. Authentication for the data source must be designated as OAuth 2.0 when the physical data source was first added. |
|
|
Domain |
For NTLM authentication only, enter the domain. See “Configuring NTLM Authentication” in the TDV Administration Guide for more information. |
|
Service Principal Name |
For NEGOTIATE authentication with Kerberos only, enter the service principal name. See “Configuring Kerberos Single Sign-On” in the TDV Administration Guide for more information. |
|
SAML Header Class |
SAML assertions are defined in the headers of a class. Type the class name that owns the SAML header. |
| 4. | If the data source requires client authentication, click the Advanced tab. See Client Authentication for Web Data Sources for how to configure client authentication. |
If the data source requires OAuth, select the OAuth 2.0 tab. Specify the values appropriate to the OAuth flow you want to use. For examples, see TDV SOAP and REST OAUTH Examples. (This tab and the fields are available to edit after creation of the data source.)The following table describes the values the user is to provide on the OAuth 2.0 tab:
|
Field |
Description |
|||||||||||||||
|
OAuth Flow |
These OAuth flows:
|
|||||||||||||||
|
Client Identification |
Used in the request-body of token requests. A unique string representing the identifier issued to the client during registration. It is exposed to the resource owner. Format: string of printable characters. |
|||||||||||||||
|
Client Secret |
Used in the request-body of token requests. Enabled only for AUTHORIZATION_CODE, and OAuth flow. Format: string of printable characters. |
|||||||||||||||
|
Authorization URI |
URI to use for establishing trust and obtaining the required client properties. |
|||||||||||||||
|
Access Token URI |
URI to use for communicating access and refresh tokens to the client or resource server. Disabled only for IMPLICIT OAuth flow. |
|||||||||||||||
|
Redirect URI |
Client’s redirection end point, established during client registration or when making an authorization request. Must be an absolute URI, and must not contain a fragment component. The authorization server redirects the resource owner to this end point. |
|||||||||||||||
|
Scope |
Authorization scope, which is typically limited to the protected resources under the control of the client or as arranged with the authorization server. Limited scope is necessary for an authorization grant made using client credentials or other forms of client authentication. Format: one or more strings, separated by spaces. |
|||||||||||||||
|
State |
A request parameter used in lieu of a complete redirection URI (if that is not available), or to achieve per-request customization |
|||||||||||||||
|
Expiration Time (Sec) |
The lifetime of the access token. |
|||||||||||||||
|
Use Refresh Token To Get Access Token |
Checking this box enables the use of refresh tokens to obtain access tokens, rather than obtaining them manually. |
|||||||||||||||
|
Login and Password |
User credentials with which the client or resource owner registers with the authentication server before initiating the OAuth protocol. |
|||||||||||||||
|
Pass-through Login |
Enabled or Disabled |
|||||||||||||||
|
Authentication |
BASIC, DIGEST, NTLM, or NEGOTIATE—The usual collection of authentication methods, used for registration with the authentication server. |
|||||||||||||||
|
Domain |
Domain to which the client or resource owner belongs; for example, composite. |
|||||||||||||||
|
Service Principal Name |
SPN of the client or resource owner. |
|||||||||||||||
|
Access Token Type |
Bearer—User of a bearer token does not need to prove possession of cryptographic key material. Simple inclusion of the access token in the request is sufficient. Query—The query string “?access_token=<token>” is appended to the URL. Not available for SOAP data sources. |
|||||||||||||||
|
Access Token |
Credentials used to access protected resources, with a specific scope and duration. Usually opaque to the client. |
|||||||||||||||
|
Get Token button |
Initiates acquisition of an access token. Proper information must be configured for this request to succeed. |
|||||||||||||||
|
Refresh Token |
Credentials used to obtain access tokens when they become invalid or have expired. Intended for use with authorization servers, not resource servers. |
|||||||||||||||
|
Custom Flow |
The name of the custom flow for a data source with an OAuth flow of CUSTOMIZED. |
|||||||||||||||
|
Using Processors check box and editable text field |
Check this box to use processors. The editable text field allows you to enter JavaScript and XML. You can use this field to add JavaScripts that log in automatically or use XML to customize any part of the authorization or access token that does not conform to specifications. Editable text fieldThe editable text field underneath the Using Processors check box can be used to type the XML elements necessary to establish authorization and access tokens. For example: <Authorization> <AuthorizationProcessors> <AuthorizationProcessor> document.getElementById('email').value='queenbeeza@gmail.com'; document.getElementById('pass').value='jellypassword'; document.getElementById('loginbutton').click(); </AuthorizationProcessor> </AuthorizationProcessors> </Authorization> <AccessToken> <RequestMsgStyle>QUERY</RequestMsgStyle> <ResponseMsgStyle>FORM</ResponseMsgStyle> <ExpireTime>1000</ExpireTime> </AccessToken> |
|||||||||||||||
|
Sensitive Keyword in JavaScript |
Click the plus-sign icon one or more times to add tag-keyword pairs to substitute into the JavaScript specified for a custom authorization flow. The values sent to the server are encrypted, and then replaced with their decrypted values where the tags are found in the JavaScript. These pairs are used for the user name, email ID, password, and other sensitive information. Tag—The name of the tag to find in the JavaScript. Keyword—The encrypted value to decrypt and substitute for the tag in the JavaScript. |
| 5. | Click Create & Introspectto initiate introspection. |
The Data Source Introspection dialog displays, for the specified WSDL, the available services, ports, and operations. Expand the nodes of the Web service and ports to see the operations within each service.