Provides fine-grained authorization for access to Web services.
The Service Authorization mediation primitive follows block-or-pass semantics. All authorization policies must be true for the request to proceed. Multiple authorization policies are used to allow the administrator to take advantage of the policy scoping capabilities of the Service Policy Manager. Each authorization policy name implies (although it does not require) the corresponding appropriate scope for its usage.
Policy | Type | Description |
---|---|---|
requester.service.Authorized | Boolean | Indicates whether access to a service is allowed for a requester. Default: true |
requester.operation.Authorized | Boolean | Indicates whether access to a service operation is allowed for a requester. Default: true |
requester.anonymousAccessAllowed | Boolean | Indicates whether anonymous requests (for example, unauthenticated requests) are allowed to pass. Default: false |
None
<twss:twssHeaders> ... <globalTransactionID> <!-- Used to identify the transaction associated with this request. The global transaction ID is used in a foreign key relationship with the TRANSA CTIONS table. --> </globalTransactionID> <requesterID> <!-- Used to identify the requester for this request --> y</requesterID> ... <twss:policies> <twss:policy attribute="" value=""/> <twss:policy attribute="" value=""/> ... </twss:policies> ... </twss:twssHeaders>
The following SOAP header elements are added or modified for downstream mediation primitives:
None
SMO header (represented by XPath) | Content |
---|---|
ServiceMessageObject/context/failInfo/failureString | The full message text that represents the fault situation with substituted variables. For example, SOAC4025E: Error occurred. |
ServiceMessageObject/context/failInfo/origin | The name of the mediation primitive class that originated the fault. |
ServiceMessageObject/SOAPFaultInfo/faultcode | The TWSS message code that represents the fault situation. For example, SOAC4025E. |
ServiceMessageObject/SOAPFaultInfo/faultstring | The full message text that represents the fault situation with substituted variables. For example, SOAC4025E: Error occurred. |