Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
To use an authenticated or encrypted connection using TCP, both the client and server MUST use GSS-API [RFC4178]. This requires the exchange of security tokens between the client and server. The client sends its security token using the Authenticate request (AuthenticateSoapIn) and the server responds with its security token in the AuthenticateResponse message (AuthenticateSoapOut). This exchange of security tokens continues back and forth until GSS-API reports completion or error. After it has completed, the client and server can call the GSS-API to determine if encryption or hashing is turned on for the connection.
When using HTTP/HTTPS, the server supports authenticated connections. If the client requires messages to be encrypted, it SHOULD use the HTTPS protocol.