I have created a real-time service in my created Repository, published it as a WebService using SAP Data Services Desginer / SAP Data Services Management Console. I have tested it through SOAPui, and its working fine.
The question is, how can i authorize the call by username and password? I would like to add some level of security on the way from the caller to the DataServices repositories..
Is it possible to set up authorizations like:
-> Is able to call WebService in Repository 1
-> Is able to call WebService in Repository 2, but not in Repository 1?
The first step a 3rd party calling the webservice is LOGON (from Connection_operations), which gives the caller a session id (because he is using username and password), but the session id isnt helping with the security right? .. Because as he has a session id, he can call whatever webservice. (if he finds out the name, and thats the security problem).
How can i secure this on the level of Data Services? ..