CentraSite 10.3 | CentraSite User’s Guide | Asset Management | Managing Assets through CentraSite Business UI | Application Management | Defining Consumer Identifiers for Application Asset
 
Defining Consumer Identifiers for Application Asset
In the Identification profile, specify the precise values for the consumer identifiers that you have specified in the Evaluate <name> action.
Note:
The following general guidelines apply when you define the consumer identifiers for an Application asset:
*If you specify multiple identifiers, the system evaluates them with the identifier that is defined in the Evaluate <name> action.
*If you want to authenticate consumers, make sure that your Policy Enforcement Point (PEP) is configured to enable authentication. For information, see the webMethods Mediator documentation or the documentation for your third-party PEP.
*To define the consumer identifiers
1. In CentraSite Business UI, access the Advanced Search panel in one of the following ways:
*Click the Browse link in the upper-left corner of the menu bar.
*Click the Search icon next to the Scope list. The default search scope is Assets.
This displays a list of assets in the Search Results page.
2. In the Additional Search Criteria list, select Asset Types.
3. To search for the assets of type, Application, click Choose.
This opens the Choose Asset Types dialog box.
4. In the Choose Asset Types dialog box, select the Assets option button, and perform the following:
a. Click the chevron next to Assets option button.
A list of defined asset types in CentraSite is displayed.
b. In the list of asset types, select Application.
c. Click OK.
5. Click the Application asset you want to define consumer identifiers.
This opens the Application details page. Also, the actions bar displays a set of actions that are available for working with the Application.
6. In the Identification profile, specify values for one or more consumer identifier tokens.
Note:
The value(s) that you specify in the Identification profile depend on how the run-time policy's Evaluate <name> actions are configured. For example, if an Evaluate IP Address action is configured to identify and validate consumers by their IP address, you should specify the consumer IP addresses here.
Note:
For reasons of legibility some of the examples below contain break lines and may not work when pasted into applications or command line tools.
Field
Description
Identification Token
Identifies and authenticates consumers based on one or more of the following kinds of identification tokens:
Use this field when the Evaluate <name> action is configured to identify and authenticate consumer applications by host name, HTTP user name, WSS user name or a custom token.
*Host Name—To identify consumers based on a specified host name, type the host name (for example, pcmachine.ab.com) in the Name field. The application asset will identify only those requests that originate from the specified host name.
*HTTP Authentication Token—To identify and authenticate consumers based on the user name that is transmitted in an HTTP authentication user token, type the user name (for example, testuser123) in the Name field. The application asset will identify only the requests that contain the specified user name encoded and passed in the HTTP authentication user token. Authentication is handled by LDAP or another external authentication mechanism. You can specify the kinds of HTTP headers that Mediator will pass from requests to consumer applications. The default is the Authorization header. To configure Mediator to pass other kinds of HTTP headers, see the Mediator documentation.
*WS-Security Authentication Token—To identify and authenticate consumers based on the user name that is transmitted in the SOAP or XML message header (HTTP body), type the user name (for example, userwss) in the Name field. The application asset will identify only the requests that contain the specified user name passed in the SOAP or XML message header. Authentication is handled by LDAP or another external authentication mechanism.
*Custom identification token (XPath)—To identify consumers based on the result of applying an XPath expression on the SOAP or XML message or request, enter the XPath expression in the Name field. For example, typing //*[local-name()='Envelope']/*[local-name()='Body'] /*[local-name()='echoInt']/*[local-name()='echoIntInput='][.='2']in the Name field will identify the requests that contain the XPath and the consumers.
If you need to specify additional tokens, use the plus button to add more rows.
From IP-V4 Address
Identifies consumers based on their originating 4-byte IP address.
Use this field when the Evaluate IP Address action is configured to identify consumer applications based on their originating IP addresses.
To specify an individual IP address, type the address in the From IP-V4 Address field. The application asset will identify only those requests that originate from the specified IP address. Example: 192.168.0.0
To IP-V4 Address
Identifies consumers based on their 4-byte IP address range.
Use this field when the Evaluate IP Address action is configured to identify consumer applications based on their 4-byte IP address range.
To specify a range of IP addresses, type the lowest IP address in the From IP-V4 Address field and the highest IP address in the To IP-V4 Address field. For example, the values 192.168.0.0 and 192.168.0.10 indicates that requests originating from any IP address that lies between the specified range will be identified by the application asset.
From IP-V6 Address
Identifies consumers based on their originating 6-byte IP address.
Use this field when the Evaluate IP Address action is configured to identify consumer applications based on their originating IP addresses.
As for IPv4 Address, but using the 128-bit IPv6 format. Example: 1234:5678:9ABC:DEF0:1234:5678:9ABC:DEF0
To IP-V6 Address
Identifies consumers based on their 6-byte IP address range.
Use this field when the Evaluate IP Address action is configured to identify consumer applications based on their 6-byte IP address range.
As for IPv4 Address, but using the 128-bit IPv6 format. For example: 1234:5678:9ABC:DEF0:1234:5678:9ABC:DEF0
Consumer Certificate
Identifies consumers using the X.509 certificate that is passed in the SOAP message.
Click Upload, and select the certificate (.cer) file.
Partner ID
Specifies the trading partner ID.
When a consumer application is identified in Mediator and the event logging is enabled, you can locate the partner ID in the event data of the identified consumer. You can leverage the event data for partner based analytics.
Note:
The Partner ID attribute is introduced for integration scenarios based on webMethods Trading Networks.