When using an API Gateway for Authentication with LDAP, there are many steps to take:
Authentication using LDAP — high-level steps:
1. Configure LDAP Server
2. Create an authentication repository
3. Virtualize a SOAP Service
4. Create a WS-Security Authentication policy
5. Configure the Service handler
6. Test the service using API Tester
7. Trace the execution using Traffic Monitor
Step 1. Configure the LDAP Server
Step 2. Configure the LDAP Repositories
Step 3. Virtualize a SOAP service
Use the following WSDL to register a Currency Conversion service.
http://www.webservicex.net/CurrencyConvertor.asmx?WSDL
Select the “ConversionRate” operation when prompted.
This will generate a CurrencyConvertor policy. The service handler will be modified later to apply the WS Security Authentication.
Step 4. Create a policy to configure WS-Security username authentication
Step 5. Configure the Service Handler to invoke the WS Authentication policy before the SOAP operation. Enter the policy (“WSTokenAuthenticate”) that was created in Step 4.
Step 6. Test the Service using API Tester
– Load the WSDL of the virtualized WS then select the operation.
– Apply the WS Security Token and enter a valid ldap id.
– This will insert the WS Security in the Soap Header’s request. Execute the request and it will return a successful response.
Step 7. Trace the execution using Traffic Monitor
Discover why an API Gateway is so important.