Versions Compared

Old Version 4

changes.mady.by.user Sebastian Gardan

Saved on

compared with

New Version 5

changes.mady.by.user Patrick Ahmed

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Ceptor offers a WebService/XML integration service which integrates the functionality of Ceptor into other security solutions. This allows other security solutions to securely access the extensive suite of services available internally in the Ceptor security infrastructure. This includes gaining access to, for example, shared sessions, central logging, extensive statistics and application server security plug-ins.
This document describes how to integrate the other security solutions with Ceptor through the WebService/XML integration interface.
This document will not describe how to install and configure Ceptor components/agents in general. For more information about these issues please refer to the Ceptor documentation and whitepaperswhite papers.

Integration services

The WebService/XML integration service offers the possibility for an external security solution to create and manipulate sessions through the Ceptor session controller(s). Through the integration service it is also possible to utilize the central logging and statistics features in Ceptor.
Below are listed the methods available through the WebService/XML integration interface:

...

  • CreateSession
    Creates a session in the Ceptor domain (essentially log a user in) allowing for shared sessions across backend applications and enables usage of, for example, Ceptor application server plugins. Sessions can be creates as created as anonymous or logged in sessions
  • LoginSession
    Sets the session state to "logged in" if the session created was anonymous or the session has been logged off
  • LogoffSession
    Sets the session state to "logged off"
  • RemoveSession
    Remove a session from the Ceptor plugin (essentially log the user off the Ceptor domain)
  • SetSessionAttribute
    Sets a session attribute in the Ceptor session allowing backend applications to read that information
  • GetSessionAttribute
    Retrieves a session attribute from the Ceptor shared session
  • LogStatistics
    Log statistic values in the central Ceptor statistics repository
  • LogToTransactionLog
    Adds a log entry to the transaction log in Ceptor

...

The integration service can be used as a WebService (utilizing SOAP 1.1) or through an XML inteface interface via HTTP. There is no difference in the two ways of accessing the integration service except that the XML interface offers higher performance. The two interfaces will always offer the same services with the same arguments. Using a standard SOAP implementation (like for example Apache Aaxis that offers both Java and C/C++ implementations) allows for a very fast integration between the external security solution and Ceptor. The XML interface will require more work to implement but the performance gained (especially in a high volume environment) might beis be worth considering.
Both services are accessed through the session controller(s).

...

The Ceptor WebService interface is built using the Apache Axis framework. When the Ceptor session controller has been installed and enabled for using the WebService integration interface it runs "as is" with no further configuration.
Since the Ceptor Webservice interface is built on the Axis framework it is possible to manipulate the WebService configuration. This allows for enabling SOAP monitoring using the Axis SOAP monitor, enabled security for the WebService calls (it is for example possible to use the Axis support for HTTP based security and userid/password through the SOAP header). This is all done through the "server-config.wsdd" deployment descriptor.
It is also possible to setup set up security through the web application deployment descriptor, depending on the application server used to run the Ceptor session controller, this can be done through the application server configuration.
For more information on how to setup set up security, debug and other Axis specific features please refer to http://ws.apache.org/axis/java/index.html.
As part of the Ceptor release is a default server-config.wsdd file that supports the Ceptor integration services. This file must be built into the Ceptor server web application along with the Axis requires libraries. IT-Practice will provide such a sample build when aquiring acquiring the WebService integration feature for Ceptor. The required (and tested) libraries are:

...