How can I restrict a webservice through SRA by user
Hi,
currently, we have a webservice authenticating by IP. We are installing the JES Portal Server and SRA.
How can we continue authenticating the webservice by client IP, if the request pass through gateway SRA without modify the webservice.
The problem is, the webservice is not available for all users. Other solution can be restrict the access to the webservice to some users. How we can get restricted by user?
Thanks in advance for your answer.
Oscar Armando
# 1
> How can we continue authenticating the webservice by
> client IP, if the request pass through gateway SRA
> without modify the webservice.
You can not. If the request is going the SRA, then that is what your web app will think the client IP is.
> The problem is, the webservice is not available for
> all users. Other solution can be restrict the access
> to the webservice to some users. How we can get
> restricted by user?
Sorry, again. The gateway service is only configurable globally. It can not be changed be user.
One suggestion would be to exclude this webservice from SRA, so that links to it are not rewritten, and requests for it do not go through SRA. Then, requests come directly from the client to the webservice, which properly authenticates by IP. Under the 'Rewriter' tab, add the webservice to the URI's not to rewrite box.
# 2
With the post authentication class, you can find if the user is coming through a gateway. Depending on that you may add role to the user session. And you may associate an access list to the role.
So, it's possible to restrict access when users are coming through a gateway. We had a proof of concept class but I can't find it anymore.
