webMethods

Product/components : Integration server

version: 10.5

Hi All, In our project we have created one flow service for specific purpose. And we have created URL alias for that particular service to invoke from the browser. When we tried to run the service through URL in browser it asks for authentication ( username/password of integration server).

Is there any way to invoke that URL without any authentication ? we would like to make it as anonymous, so that everyone having the URL can run the service.

Appreciate your help.

Hi,

you will have to set the ListACL and ExecuteACL for this service to “Anonymus” in Designer.

Please note that this approach is not recommended from a security perspective, just to prevent DOS-Attacks against such services.

Regards,
Holger

You can just follow the response from " [Holger von Thomsen]".
Regarding security, you can allow through RIPS/Enterprise Gateway so that you don’t need hit direct IS URL. Alternatively, restrict the IPs to access your service internally instead of allowing public access.

Also, never expose the admin port for any service, especially for a service that doesn’t require authentication.

You should check that requirement with at least your security department. In most organizations implementing something like this will get you in real trouble. Depending on your industry and/or geography there may even be legal issues.