I'm running a SPS and I'd like to know if CA Access Gateway (SPS)offers support for Hashing algoritm to authenticate with User +Password in Hashing format ?
CA Access Gateway (SPS) Authentication and Authorization Web Servicessupport login and blogin on SOAP and REST request, which aren't inHashing algorithm format unfortunatly :
Configuring the Authentication and Authorization Web Services
These web services support the SOAP 1.2 protocol and the HTTP-basedRESTful architecture using the POST method. The authentication andauthorization web services provide the following functionality:
login -- Authenticates and returns a session token when theauthentication is successful.
Note: If the Enable User Tracking option is enabled, the responsecontains an identity token additionally.
blogin -- Authenticates and verifies whether the login is successful;does not return a session token.
logout -- Logs out the user or groupof users.
authorize -- Returns an authorization status message and arefreshed session token.
As such, there's no Hashing Algorithm supported inside these WebService. The only encoded way to pass credentials is to use acertificate as login.
What is the Purpose of <binaryCreds></binaryCreds> from Body Section in SPS WS Auth/AZ ?https://comm.support.ca.com/kb/what-is-the-purpose-of-binarycredsbinarycreds-from-body-section-in-sps-ws-authaz/kb000013831
In order to get the CA Access Gateway (SPS) enhanced to supportHashing Algorithm for login or blogin in Authentication andAuthorization Web Services, please open an Idea on the Security Page.
KB : KB000117358