Soap Login/Actions as other users or Business Units

book

Article ID: 18730

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER Service Accounting SERVICE ASSURE CA Service Catalog CA Service Management - Service Desk Manager CA Unicenter NSM

Issue/Introduction

When logging in to CA Service Catalog SOAP Web Services, this must be performed as an Administrator into the Root Business Unit. As a result, actions are performed from there, as that user.

How can a SOAP call be made on behalf of a Proxy User, so that audit trails for a Request appear as that end user, rather than the admin?

Environment

Release CA Service Catalog
Component:

Resolution

Trying to log in directly to a sub-domain Business Unit or other useris not possible. Instead, a Proxy must be set up from the top-level Business Unit.

However, we have the "setProxy" method that would allow you to solve this here.

setProxy Method

Allows for executing web service commands on behalf of another user setProxy is implemented for Request Web Service methods only.
Signature
setProxy(String sessionIDString proxyUserIdString proxyDomainId)
Required Parameters
sessionID Security handle for calling webservices. [mandatory parameter]
proxyUserId id of the proxy user [manadatory parameter]
proxyDomainId id of the business unit for the proxy user [optional parameter]
Return Value
void

The unsetProxy method can then reverse this:

unsetProxy Method

Removes a proxy user associated with the current session. unsetProxy is implemented for Request Web Service methods only.
Signature
unsetProxy(String sessionID)
Required Parameters
sessionID Security handle for calling webservices. [mandatory parameter]
Return Value
void

After logging in to the session as spadmin, the process would need to call setProxy for the session, then make its request update call. Then call unsetProxy to revert to the spadmin user. If necessary, this can be performed many times in a web services session.