The internal security of QMWISe is provided by using SOAP headers in the request and response messages. SOAP headers are part of the data model. These headers can be enabled or disabled with configuration settings.
The SOAP header for both request and response headers has the form:
The use of the ClientID and Checksum parameters are described below for the SOAP request header and the SOAP response header.
The Checksum is a Message Digest 5 (MD5) checksum calculated from a string formed by concatenating the ClientID above with the encrypted password for the administrator.
For more information on header information, refer to QMWISe header information. For more information on MD5 checksums, please refer to:
The SOAP request header
In the header for a SOAP request message, the ClientID must be a valid Perception administrator name. The administrator must have permission to change the server configuration.
The QMWISe software is installed with the QMWISe test harness that includes a utility for generating the checksum from an administrator name and their password.
A typical SOAP request header would be:
Permission to change server configuration
This is set when the administrator is created or edited:
The option Server Configuration must be checked in Enterprise Manager for the administrator user you intend to use with QMWISe.
In the header for a SOAP response message, the ClientID must be the URL of the web service itself.
A typical SOAP response header would be as follows: