Managing, Authenticating, and Authorizing Trading Networks Users

When a My webMethods user who has Trading Networks administrator authority wants to perform an action that requires execution of a service on Integration Server. The user’s My webMethods credentials are used to authenticate the user and authorize the request.

When a My webMethods user wants to view Trading Networks data or perform Trading Networks actions, and Trading Networks services are invoked on Integration Server. The user’s My webMethods credentials are used to authenticate the user and authorize the request.

When a Trading Networks partner sends a document to Trading Networks, and a Trading Networks service is invoked. The partner can invoke the service using the credentials of a My webMethods user account.

When Integration Server receives a user name and password to authenticate, it first tries to authenticate the user using its own user account definitions. If the user is not defined in Integration Server user accounts, Integration Server determines whether the user account is defined in My webMethods central user management. If so, Integration Server checks whether the user supplied valid My webMethods credentials. When you use Trading Networks through My webMethods and other authentication methods such as client-side certificate authentication and third-party tools, My webMethods Server passes an authentication token to Integration Server.

To authorize a request, the Integration Server determines whether the user can access the requested Integration Server service. Access to Integration Server services is protected by Access Control Lists (ACLs). When using central user management, you can add My webMethods groups and roles that relate to Trading Networks to the Allowed list of ACLs.