Hi,
I am a newbie to TN, I am trying to go through WmTnSamples.
The first sample I study is wm.tn.samples.addaddress:addAnAddress
Here are some questions:
After creating a new parnter using ‘Profile Assistant’ in TN console, how can I get the partner ID for wm.tn.profile:getProfileSummary?
Where to set username and password for partner to login to TN? Or anyone can send document to TN?
There are two places to create partner in TN console, one is ‘Trading Partners’>>’New Trading Partner’, another is ‘Tools’>>’Profile Assistant’, what are the differences?
Thanks!
You can get the partner ID by first running wm.tn.profile:getProfileSummaries. This will list all profiles. Find the one you want. The value that you’re looking for is the ProfileID.
TN requires you to define a required ID type, for example, DUNS. When you create a profile, you then must provide this value. Once you save the profile, behind the scenes TN creates a user account (where username = ID) in the TNPartners group. You can then change the password for that user account to whatever you want by using the IS Administrator page and going to ‘Users and Groups’.
There really isn’t any difference. The Profile Assistant works more like a wizard taking you step by step whereas the other one works more like a form and lets you fill in all the blanks. The end result is the same.
By the way, another way of getting the partnerID, would be to invoke wm.tn.profile:getInternalID. If you already know the partner that you’re looking for and you know at least of one the partner’s external IDs (for example, DUNS), you can use that service by setting id to the external ID you already know (ex. the DUNS number) and idTypeDesc to the type of ID (ex. “DUNS”). Refer to the TN Built-In Services Reference Guide for more details.
I created a new partner, set the partner type to ‘webMethods for partners’ instead of ‘webMethods for Trading Networks’, now, I can find it in ‘TN Partners’.
“I created a new partner, set the partner type to ‘webMethods for partners’ instead of ‘webMethods for Trading Networks’, now, I can find it in ‘TN Partners’.”
It’s good that you can now see the profile’s user account in the appropriate group, but it isn’t there due to setting the partner type. The partner type isn’t used for anything at all.
The user account that is created uses the value that is specified for the required external ID type. The default required external ID type is DUNS. So if you create a profile and specify a DUNS ID of “abcd” a user account named “abcd” will be created.
Hi Rob & Percio,
Thanks a lot for your replies.
I have other questions; I created a user ‘Developer01’ in the administrator console and added this user to the Developer group. Then, I logged in to Developer as this user.
It seems that I can post xml documents to TN through �wm.tn:receive� in Developer through �Developer01’, why?
If every user with the developer permission can post documents to TN, when should we use the user/password created in TN?
What are the differences between �wm.tn.doc.xml:routeXml� and �wm.tn:receive�? It seems that �wm.tn.doc.xml:routeXml� does not check the identity of the sender, does it mean we can bypass the security check by using �wm.tn.doc.xml:routeXml�?
Thanks!
Yul
The user accounts created by TN are meant to be used by the Trading Partners themselves. The idea is that if you want to be able to receive documents from your Trading Partners over the internet, but you don’t just anyone out there to be able to submit documents to your system, then you create a TN profile for your partner, provide the username and password to them, and have them use that username and password every time they send you a document. As you have already discovered, wm.tn:receive will then authenticate the username and password they sent against the existing user accounts. The username and password can be embedded in the HTTP header, or if posting the document interactively, the user will be prompted via a dialog box.
Many people, however, choose to make their partners’ lives easier and simply open up their system without requiring user authentication. One way to do this is to create a service with an Anonymous Execute ACL which invokes routeXml. You need to understand, however, that a malicious user could then very easily perform a DoS attack on your system by flooding TN with documents, so be careful with this approach.
Percio,
Thanks for your prompt help!
I logged in to Developer as a user which doesn’t belong to ‘TN Partners’ group, I also can post document to TN using ‘wm.tn:receive’, why?
And, what are the steps to receive the document in flow services?
Thanks!
-Yul
How are you testing? If you login to Developer using the Developer username and try to execute wm.tn:receive, you should get an access denied error. I get the same result when using pub.client:http to post.
As Percio points out, the username/password for a profile is to be used by the partner to submit documents via http/ftp. They can also use the credentials to access the TN Web interface to check status of their documents.
You’ve identified the difference between receive and routeXml. Yes, using routeXml can bypass security. Not a good idea to do though. You might seriously consider not having partner submit to receive directly. There are a couple of threads on this and an e-zine article at [url=“wmusers.com”]wmusers.com.