Hi there,

We are trying to implement authentication for a web service provided by us. We created an ACL on IS level, added a goup in it and some users. The question is what settings do we need so that when someone calls our web service to authenticate the user based on the ACL which we have created. (if the user is in the group from the ACL then the call should be succesfull, otherwise the user should get something like 'You are not authorized to call this web service')

Thank you in advance.

Hi Bogdan,

go to the WSD node of your WebService and open the permissions property in the Properties panel,

Choose your ACL as “Execute ACL” and save the node.

Regards,
Holger

Addendum: If you do not see your ACL name in the Execute ACL list, you may have to refresh the particular WSD or reload a package.

I am working on a REST service, which need basic authentication user/password. After changed ACL permissions on package, directory, or service level in the Execute ACL, the service still can be reached and get correct response without being asked for user/password or any error. We need to resolve this asap.

Thanks,