The Parlay 4.2 level framework specification provides support for choosing a framework version with which to authenticate. This can be useful where a client requires services that depend on the framework version. Compatibility with the version 3.x authentication scheme is provided for all configurations.
Additional classes for OAS, Lucent, and Aepona have been provided for Parlay version 4.2 authentication support. This version is shown as a configurable item in the administration console for all the configurations.
By comparing the digests at both the gateway end and the connector end, you can tell whether the authentication has succeeded. Hashing methods proposed by the Parlay group, such as P_OSA_MD5, P_OSA_HMAC_SHA1_96 and P_OSA_HMAC_MD5_96, are included.
The default implementation of the Authenticator interface begins the authentication process.
The encryption method waits for the Parlay gateway to call the Authenticator Callback object. When the Parlay gateway has notified the Authenticator Callback that it has successfully authenticated itself, the Authenticator object sends a random byte array to the Parlay gateway. The Parlay gateway must encrypt this data and return the result to the Authenticator. If the Authenticator verifies the response, then the Authenticator notifies the Parlay gateway that it has successfully authenticated itself.
The default implementation of the Authenticator Callback interface receives a byte array from the Parlay gateway. The Authenticator Callback encrypts this data and returns the result to the Parlay gateway. If the Parlay gateway verifies the response, then the Parlay gateway notifies the Authenticator Callback that it has successfully authenticated itself.
If customer support is needed for authenticating with a Parlay gateway, either the Authenticator class name configuration field or the Authenticator callback class name configuration field, or both, can be used to specify custom classes.
The class specified in the Authenticator class name configuration field must implement the com.ibm.wast.parlay.connector.Authenticator interface.
The class specified in the Authenticator callback class name configuration field must implement the com.ibm.wast.parlay.api.fw.fw_access.trust_and_security.IpClientAPILevelAuthentication and com.ibm.wast.parlay.connector.AuthenticatorCallback interfaces.