Credential Authentication

This article contains the following topics:
casm1401
This article contains the following topics:
If you plan to use the User Name/Password type of access authentication, the user application needs to invoke one of following two web services methods to gain access to CA SDM Web Services.
The login user that you specify in the username parameter (not the proxy contact specified in the policy) is responsible for activities initiated in a session. All function group security and data partition is enforced for this login user.
login (Username, Password)
This method is provided for backward compatibility, where access authentication is performed on the username and password supplied. A SID (session ID) is returned only if the access is authenticated. All subsequent web services calls need to include this SID. Default access policy is then applied to all subsequent web services accesses labeled with the SID.
Username and password are required fields that require plain text when you define them.
loginService (Username, Password, Policy)
This method is similar to the previous login function in that access authentication is performed on the username and password supplied. A SID is returned only if the access is authenticated. However, a specific access policy, as identified in the third parameter, is applied to control and manage all subsequent Web Services accesses. Empty content in the policy parameter automatically applies the default policy.
Username and password are required fields that require plain text when you define them. Policy is required, but can be empty, and you must use plain text. Use the policy code defined in a policy.
How a login is validated depends on the contact’s assigned
access type
. The access type object is hosted by CA SDM and sets the validation type. You can use the product to view the access type record, and you can also use the getAccessTypeForContact() web method to retrieve any access type object information.
For more information about access types, see the  Security and Role Management section.