Setting an Authentication Level

Use

Using the design-time class level annotation @AuthenticationDT, you can set the minimal authentication level that the Web service requires from the Web service client during communication. During design time, you can set any of the authentication levels listed below:

NONE: the Web service requires no authentication from the Web service client. By default, all Web services you create have authentication level NONE.
BASIC: the Web service requires the client to use a user name and password.
STRONG: the communication between the Web service and Web service client involves the use of certificates.

Procedure

The code sample below shows the usage of the class level annotation @AuthenticationDT to set BASIC authentication level.

            package com.sap.example;

import javax.ejb.Stateless;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import com.sap.engine.services.webservices.espbase.configuration.ann.dt.AuthenticationDT;
import com.sap.engine.services.webservices.espbase.configuration.ann.dt.AuthenticationEnumsAuthenticationLevel;

@WebService(name="MyStatefulImplementationClass", serviceName="MyStatefulImplementationClassService",
         targetNamespace="http://sap.com/example/", portName="MyStatefulImplementationClassPort")
@Stateless
//Set BASIC authentication level for the whole class
@AuthenticationDT(authenticationLevel=AuthenticationEnumsAuthenticationLevel.BASIC)
public class MyStatefulImplementationClass {
                @WebMethod(operationName="MyMethod1", exclude=false)
                public void MyMethod1 (@WebParam(name="newValue1")
                int newValue1)
                {
                        //MyMethod1 implementation      
                }
                @WebMethod(exclude=false, operationName="MyMethod2")
                public int MyMethod2 (@WebParam(name="arg")
                int arg)
                {
                        return arg;
                }
}

If you want to set a STRONG authentication level, you use the annotation with the following value of the authenticationLevel attribute: @AuthenticationDT(authenticationLevel=AuthenticationEnumsAuthenticationLevel.STRONG)

Result

After you deploy the Web service on a SAP NetWeaver system, you can set the authentication method for each endpoint of the Web service. When configuring an endpoint in SAP NetWeaver Administrator, the authentication method must correspond to the authentication level set at design time, or to a higher authentication level.

Example

The authentication level for a Web service has been set to BASIC at design time. At runtime, you should set the authentication method for the Web service endpoint. As a minimum, you must set the user and password to meet the requirements of the BASIC level. Optionally, you can set a STRONG level by specifying the usage of certificates.

Once the authentication method for the Web service is set, the system takes care of verifying the identity of the Web service client before allowing access to the resources provided by the Web service.

More Information

Configuring Web Services and Web Service Clients in the SAP NetWeaverSAP NetWeaver Administrator