search cancel

Can we remove or encrypt admin password for TEWS from SOAP XML?

book

Article ID: 257626

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

When using SOAP XML call to run TEWS (Task Execution Web Service), admin password is set as clear text.

<wsdl:TaskContext>
         <wsdl:admin_id>{AdminID}</wsdl:admin_id>
         <wsdl:admin_password>{Admin Password}</wsdl:admin_password>
</wsdl:TaskContext>

How can we remove or encrypt the password?

Web Services Properties in Identity Manager Admin Console is set as the following.

Environment

Release : 14.x

Resolution

Identity Manager cannot decrypt encrypted admin password in this case. However, to add security we can integrate Identity Manager with Siteminder and do the following settings in Web Services Properties.

1. Set "SiteMinder Authentication" to "Basic Authentication"
2. Un-check the "Admin password is required" box

In this configuration, send the SOAP XML without admin password and with Basic Authorization Header

 

Additional Information

Enabling "WSS Username Token (Password Text)" is not compatible with Identity Portal. Please refer to

Can Identity Portal work when WSS Username Token authentication is selected in Identity Manager's Web Services properties? 

Attachments