Creating RA Web Service REST Agent Connection Objects
To link the
RA Web Service REST Agent Connection objects store all the connection information to a service end-point. They define the security protocol and corresponding credential information. REST does not have a de facto standard for describing service end-points. You assign RA Web Service REST Agent Connection objects to your RA Web Service REST Agent Jobs. You can use a Connection object to set-up the interface to simplify Job creation. For example, you can populate the resource list with all of the resources for a given service end-point. Then you can quickly re-use those in Job definitions. RA Web Service REST Agent Connection objects can also contain global headers and query parameters that can be used in your Job definitions.
To create an RA Web Service REST Agent Connection object:
-
Add a Connection object of type WEBSERVICEREST > RA Web Service REST Agent CONNECTION.
-
Select the Web Service object tab.
-
Enter the URL endpoint where the service resides in the URL Endpoint field.
Note:Query parameters cannot be added here. You can either use the query parameters in the Connection object and select this object within the job, or define query parameters explicitly in the job (Any characters entered in this field will be HTML encoded, for example). For the recommended way of defining query parameters, see Defining Query Parameters for RA Web Service REST Agent Connection Objects, or alternatively Override URI Endpoint
-
Select an authentication from the Authentication drop-down list.
- Respond to the authentication-specific fields. Although not all of these fields are required by the
- User
- Password
- Host
- Port
- Realm
- Preemptive
- If the system property java.security.krb5.conf is set, its value is assumed to specify the path and file name.
- If that system property value is not set, the configuration file is looked for in the directory:
- <java-home>\lib\security (Windows)
- <java-home>/lib/security (Solaris and Linux)
- If the file is still not found, then an attempt is made to locate it as follows:
- /etc/krb5/krb5.conf (Solaris)
- c:\winnt\krb5.ini (Windows)
- /etc/krb5.conf (Linux)
- If the file is still not found, and the configuration information being searched for is not the default realm and KDC, then implementation-specific defaults are used. If, on the other hand, the configuration information being searched for is the default realm and KDC because they weren't specified in system properties, and the krb5.conf file is not found either, an exception is thrown.
- 1.0a and 2.0
- Client Key
- Client Secret
- Token Secret
- Authorization Token
- Signature Type
- Refresh URI (Mandatory)
- Refresh Token (Mandatory)
- Verifier
- V2, V3, and V4
- Access Key
- Secret Access Key
- Optionally add resources to the Connection object in the Resources section. Resources defined here are available in the Resources field on the Request page for
- Optionally add headers and or query parameters to the Connection object in the HTTP Headers and Query Parameters sections to pre-populate them in Jobs on the Request Headers & Query Parameters page. For more information, see Defining HTTP Headers for RA Web Service REST Agent Connection Objects and Defining Query Parameters for RA Web Service REST Agent Connection Objects.
- Optionally configure proxy server settings in the Proxy section. For more information, see Using a Proxy Server for RA Web Service REST Agent Connection Objects.
- Optionally specify advanced settings in the Advanced section. For more information, see Specifying Advanced Settings for RA Web Service REST Agent Connection Objects.
- Click Save to save the Connection object.
Unless you select "None" for the authentication, additional authentication-specific fields will be added below the Authentication drop-down list, based on the requirements and options for that authentication.
Basic, Digest, and NTLM
The user name.
The password.
The host to connect to. Only required if the endpoint differs from the authentication host.
The port to use. Only required if the endpoint differs from the authentication host.
The realm. Only required if the endpoint differs from the authentication host. Also, this field is optional when a host is specified.
Activates preemptive authentication. Preemptive authentication sends the authentication information without waiting for the server to give an unauthorized response. This reduces some overhead, and may be required in cases where the server does not reply with an unauthorized response. You use preemptive authorization when you trust the endpoint enough to send authentication credentials somewhere without being asked for them.
Not available for Digest RA Web Service REST Agent Connection objects.
Kerberos
Besides the user name and password, additional configuration settings for Kerberos are set in the krb.ini (.conf) file. The Agent itself does not read this file directly, it uses the Kerberos classes of the JRE.
The algorithm to locate the krb5.conf file is the following:
Here <java-home> refers to the directory where the JRE is installed. For example, if you have J2SE 5.0 installed on Solaris in a directory named /j2sdk1.5, the directory in which the configuration file is looked for is:
/j2sdk1.5/jre/lib/security
OAuth
Radio buttons to select the OAuth version. The fields below will differ depending on the features of the version you select.
The client key.
The client secret.
The token secret for OAuth 1.0a.
The authorization token.
The signature type.
The refresh URI for OAuth 2.0.
Important! Make sure that you manually add the new authorization token when the previous one expires.
The refresh token for OAuth 2.0.
The verifier for OAuth 1.0a.
AWS Signed URL
Radio buttons to select the AWS Signed URL version.
The access key.
The secret access key.
The Login field on the Attributes