|
|
|
The Security Service Manager module is used to configure web service endpoint for various pasUNITY Enterprise Suite components for communication with the system.
This module functions outside the realm of the normal permissions hierarchy. It can be viewed by any user with membership in Site Administrators or Security Administrators site-level roles with no regard to permissions assigned to the tab on which the module is placed. For more information on the roles referenced in this section please see the role based security topic. Administrative users can configure additional module settings by clicking the 
button.
This module presents a sortable data grid that displays the friendly name, endpoint URL, and certificate details used to secure each endpoint enabled for communication. Prior to configuring secure service endpoints, a valid X.509 certificate needs to be installed on the application servers by a support technician.
Adding New Secure Service Endpoints
To add a new secure service endpoint members of the Site Administrators role click the 
button which will open the secure service endpoint editor and allow an administrative user to define the details of a new secure service endpoint.
Editing Existing Secure Service Endpoints
To edit an existing secure service endpoint members of the Site Administrators role click the 
button which will open the secure service endpoint editor and allow an administrative user to define the details of a new secure service endpoint.
Secure Service Endpoint Attributes
The following attributes are exposed through the editor:
•Name: This is the display name of the secure service endpoint and may not be blank and must be unique within the system.
•Identifier: This is the URL of the endpoint
•Certificate Find Type: Method used to locate a certificate to secure and validate communication over the endpoint. Valid choices are find by thumbprint and find by name.
•Certificate Find Value: This is either the name or thumbprint of the X.509 certificate used to encrypt communicate to the endpoint. Using thumbprint is more exact than name but when certificates are renewed and replaced will necessitate an update as the thumbprint will not likely be preserved in the new certificate whereas the name likely would.
Endpoint URL Conventions
The provided URL for any given product usually only varies by host name and port number. The remainder of the signature typically follows the following patterns: While all service endpoints will ultimately be accessed solely over HTTPS only Active Directory Federation Service endpoints must be specified with the HTTPS: protocol type.
Active Directory Federation Services: |
https://hostname.domain.com/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256 |
pasUnity Matrix V2012a: |
http://hostname.domain.com:7080/pasUnity/2012a/MatrixService/Federated |
pasUnity Remote Impeller V2012a: |
http://hostname.domain.com:9080/pasUnity/2011a/RemoteImpellerService/Federated |
pasTransfer Execution V2012a: |
http://hostname.domain.com:7080/pasTransfer/2012a/ExecutionService/Federated |
pasPortal Security Token Services: |
http://hostname.domain.com/STS |
pasPortal Mapping V2012a: |
http://hostname.domain.com/pasTransfer/Mapping/V2012a/MappingService/Federated |
pasPortal Foundation V2012a: |
http://hostname.domain.com/pasPortal/Foundation/V2012a/FoundationService |
pasPortal Expense Dictionary V2011a: |
http://hostname.domain.com/pasExpense/Dictionary/V2011a/DictionaryService/Federated |
Copyright © 2025 pasUNITY, Inc.
Send comments on this topic.