Basic Credentials Provider
This topic describes Basic Credentials Providers used within a service description.
Purpose of the Basic Credentials Provider
The Basic Credentials Provider provides a mechanism that allows user name and password credentials to be gathered, and provided to a Service Transport. The credentials that are gathered are specific to a single user session with HCL Leap. These credentials are not shared between multiple sessions and are not accessible to other users or administrators of Leap. The credentials may also be defined by the Leap server administrator and associated with an alias that is used in the service description. The value of the alias will depend on the deployment environment of Leap. The alias can refer to environment variables (when deployed to Kubernetes) or a Java 2 Connector (J2C) Authentication Data (when deployed to WebSphere).
When to use the Basic Credentials Provider
When a service description needs a set of credentials and the credentials vary based on the user invoking the service call, use the Basic Credentials Provider.
How to Configure the Basic Credentials Provider
In general, the Basic Credentials Provider does not need any custom configuration to work. By configuring the service description to use the Basic Credentials Provider, Leap collects credentials, and makes them available to the Service Transport configured in the service description.
To use the 'alias' with an authentication data credential, the WebSphere Application Server administrator must first define a user identity (User ID, Password, and Alias name) within the JAAS – J2C authentication data section of the WebSphere Application Server administrative console. For an example of the WebSphere Application Server Network Deployment 9.0.5, see the WebSphere Application Server documentation.
Sharing Credentials Between Service Descriptions
In some cases, several service descriptions might need to share a set of user credentials. Instead of having the user enter their credentials once per service, the Basic Credentials Provider can be configured to allow multiple service descriptions to share user-entered credentials using a realm.
The realm is a property of the Basic Credentials Provider. Its value is the name of the realm to which entered credentials are associated. When multiple service descriptions share the realm value, they share the set of credentials.
Using the Basic Credentials Provider in a Service Description
The provider ID for the Basic Credentials Provider to enter in a service description is: basic
Credentials Provider Parameters
| Name | Description | Mandatory | Default |
|---|---|---|---|
| realm | The name of the realm to use to associate entered credentials so that they can be shared between multiple service descriptions. | No | N/A |
| alias | The alias name of a user identity that contains the credentials that are required for the Service Description. This value must match the alias of a credentials set in VoltConfig.nsf. | Yes | N/A |
Sample Service Description using 'realm' property
<serviceDescription>
<id>make-http-request</id>
<defaultLocale>en-us</defaultLocale>
<transportId>HTTPServiceTransport</transportId>
<name xml:lang="en-us">Make an HTTP Request</name>
<description xml:lang="en-us">Makes an HTTP request to the configured URL and returns the result</description>
<credentials providerId="basic">
<property name="realm" value="myRealm" />
</credentials>
<inbound>
<parameters>
<parameter>
<id>request-url</id>
<name xml:lang="en-us">URL</name>
<description xml:lang="en-us">URL to request.</description>
<mandatory>true</mandatory>
<type>STRING</type>
</parameter>
<parameter>
<id>request-method</id>
<name xml:lang="en-us">Method</name>
<description xml:lang="en-us">HTTP method to use, one of GET, PUT, POST, or DELETE.</description>
<mandatory>true</mandatory>
<type>STRING</type>
</parameter>
</parameters>
</inbound>
<outbound>
<parameters>
<parameter>
<id>response-entity</id>
<name xml:lang="en-us">Response</name>
<description xml:lang="en-us">Response returned by making a request to the configured URL.</description>
<mandatory>false</mandatory>
<type>STRING</type>
</parameter>
</parameters>
</outbound>
</serviceDescription>
Sample Service Description using 'alias' property
<serviceDescription>
<id>make-http-request</id>
<defaultLocale>en-us</defaultLocale>
<transportId>HTTPServiceTransport</transportId>
<name xml:lang="en-us">Make an HTTP Request</name>
<description xml:lang="en-us">Makes an HTTP request to the configured URL and returns the result</description>
<credentials providerId="basic">
<property name="alias" value="myServiceCredential"/>
</credentials>
<inbound>
<parameters>
<parameter>
<id>request-url</id>
<name xml:lang="en-us">URL</name>
<description xml:lang="en-us">URL to request.</description>
<mandatory>true</mandatory>
<type>STRING</type>
</parameter>
<parameter>
<id>request-method</id>
<name xml:lang="en-us">Method</name>
<description xml:lang="en-us">HTTP method to use, one of GET, PUT, POST, or DELETE.</description>
<mandatory>true</mandatory>
<type>STRING</type>
</parameter>
</parameters>
</inbound>
<outbound>
<parameters>
<parameter>
<id>response-entity</id>
<name xml:lang="en-us">Response</name>
<description xml:lang="en-us">Response returned by making a request to the configured URL.</description>
<mandatory>false</mandatory>
<type>STRING</type>
</parameter>
</parameters>
</outbound>
</serviceDescription>
Parent topic: Services