Create a SOAP Web Services Policy

To minimize web services ticket flooding, and to maintain the stability of the server, CA SDM SOAP Web Services uses an CA Access Control and Management system. Handles excessive service activities by trusted user applications resulting from programming errors or exceptions. This system also works as a barrier and controls access to CA SDM SOAP Web Services from malicious attackers.
casm173
HID_Create_a_SOAP_Web_Services_Policy
To minimize web services ticket flooding, and to maintain the stability of the server, CA SDM SOAP Web Services uses an Access Control and Management system. Handles excessive service activities by trusted user applications resulting from programming errors or exceptions. This system also works as a barrier and controls access to CA SDM SOAP Web Services from malicious attackers.
CA SDM provides a default access policy that has a code of DEFAULT. The default access policy contains no access restrictions and is only applied to sessions authenticated through username and password.
You can create SOAP web services policies to control access from SOAP web services applications.
If multi-tenancy is installed, select the appropriate tenant from the drop-down list. The public (shared) option creates the object for all tenants.
Follow these steps
  1. Select Administration tab, SOAP Web Services Policy, SOAP Policies.
  2. Click Create New.
  3. Fill in the fields as appropriate.
  4. Select the Access Control tab to define the number of operations permitted per hour for each web services category.
  5. Enter a number in each operation counter field to represent the number of operations that are permitted per hour.
    The default value of -1 in any operation counter indicates that no restrictions apply to the corresponding operation. A value of 0 (zero) indicates that the corresponding operation is not allowed.
  6. Select the Error Types tab to review the error types in effect for the web services policy.
  7. To add an error type, click Add an Error Type.
  8. Click Save.
    The policy definition is saved and the SOAP Web Services Policy Detail page appears.
SOAP Web Services Policy Fields
The following fields require explanation:
  • Code
    Specifies the unique code that identifies the access policy to the system. This field is required.
  • Proxy Contact
    Specifies the contact to use for all web service operations and security. You can enter a contact name directly into this field, or click the search icon to select the contact name.
  • Default
    Indicates that this policy is the default policy. Only one active default policy is allowed. If you select this option when creating an access policy, the default setting of the current default policy is removed.
  • Has Key
    Indicates whether a public key as been associated with this policy. This field is updated when a public key is associated with a policy using the pdm_pki utility and cannot be changed.
  • Allow Impersonate
    Allows the policyholder to invoke the impersonate() web services method and create a web services session. Additional access authentication is not performed when creating the session. However, only when the grant_level of the new user access type is less than or equal to the access_level of the proxy user access type, can this method be successfully called.
If multi-tenancy is installed, the list page displays Tenant and Public Data settings in the search filter. Public Data can be Excluded or Included with Tenant data; Only searches for public objects exclusively. On detail pages, select the appropriate tenant from the list. If you select <empty>, the object is public.