You provide authentication credentials through WS-Security headers that are included in the SOAP requests. Both ORCA and legacy web services support users with admin and grid_admin permissions. ORCA also supports users with other role-based permissions.
ORCA web service security header
The ORCA web service is always available, so you must secure it properly:
- The ORCA web service supports only a subset of the WS-Security specification, the WS-Security UsernameToken Profile 1.1.
- The ORCA web service supports only the
<wsse:PasswordText>type and does not support the<wsse:Nonce/>type.
The following sample shows the WS-Security header in an ORCA SOAP request:
<soapenv:Header> <wsse:Security xmlns:wsse="" soapenv:mustUnderstand="1"> <wsse:UsernameToken> <wsse:Username>admin</wsse:Username> <wsse:Password Type="">admin123</wsse:Password> </wsse:UsernameToken> </wsse:Security> </soapenv:Header>Legacy web service security header
The legacy web service uses WS-Security headers with the <wsse:PasswordText> type. You must provide the credentials for the grid on which the workflow resides. The following sample shows the SOAP header for a legacy operation:
<soapenv:Header> <wsse:Security xmlns:wsse=""> <wsse:UsernameToken> <wsse:Username>admin</wsse:Username> <wsse:Password>admin123</wsse:Password> </wsse:UsernameToken> </wsse:Security> <grid-name xmlns="urn:realops.com:amp:workflow">SampleGrid1</grid-name> </soapenv:Header>
