Chapter 19. Securing the Service Registry
19.1. Service Registry Authentication
Here is a theoretical understanding of how the authentication process works.
GetAuthTokenrequest is made. The goal of this phase is to turn a user id and credentials into a valid publisher id. The publisher id (referred to as the authorized name in UDDI terminology) is the value that assigns ownership within UDDI. Whenever a new entity is created, it must be tagged with ownership by the authorized name of the publisher.
authentication tokenis issued to the caller.
GetAuthTokenrequest. This leads to the identify phase.
UddiEntityPublisherobject. This object contains all the properties necessary to handle ownership of UDDI entities. Thus, the token (or publisher id) is used to identify the publisher.
Publisherentity, which is a sub-class of
UddiEntityPublisher. This sub-class makes publisher properties persist within the jUDDI Registry.