Service Package form
Completing the Context tab

Field

Description

C-929 Select Stateless if the services in this package can be executed by any requestor in of a pool of requestors, without regard to processing that the requestor performed earlier. See More about Service Packages.

Select Stateful otherwise.

Choose this value carefully. Using requestor session pooling may improve performance if a high volume of uniform requests arrive, even when authentication is required. See Concepts — How requestor pooling for services works.

Identify an access group for requestors of this service package.

PRPC uses this access group, even for services that require authentication, to locate the service rule. The service rules and service activities to be executed must be accessible to requestors operating with this access group.

Especially if this service is to execute without authentication, set up an access group that provides only the minimum capabilities to service requestors and reference it here. For example, you can include an access role (Rule-Access-Role-Name rule type) linked to Access of Role to Object rules (Rule-Access-Role-Obj rule type) that limits which classes the service can view or update. Also, review the service activity to ensure that no combination of input parameters allows the activity to perform more than the service needs.

Click() to open the access group data instance.

Select if the service request requires authentication. When selected, the system expects PRPC Operator ID and password values in the arriving request message. B-20237

When selected, authentication occurs only for the first request for stateful services that use pooling and don't destroy the requestor. Later service requests that include the Session ID in the request message continue with the same previously authenticated requestor session.

In high-volume production settings, authentication can be costly in terms of computer resources. However, unauthenticated service requestors can access the RuleSets and Versions conveyed by the access group in the Service Access Group field plus those assigned to the requestor type named APP. (Services run as APP requestors.) 12/04/07 hitzm fixed the previous sentence when kauft noticed this topic said services ran as Batch requestors Depending on security and volume factors, for best performance you can leave the Requires Authentication? box cleared.

The location and name of the Operator ID and password values vary, depending on the service type:

This field appears only when Requires authentication ? is checked. If you are using LDAP authentication, select an authentication service (a Data-Admin-AuthService instance) when the service type is SOAP (Rule-Service-SOAP) or HTTP (Rule-Service-HTTP).

Note: Authentication Service is required only for LDAP authentication. You could also use HTTP Basic for user authentication, or, in the case of HTTP Service you could provide the HTTP headers UserIdentifier and Password for user authentication instead of basic authentication.

R-11838 Select to cause the system to skip over any activity step that calls the Show-HTML method in the service activities that execute through service rules that reference this service package instance.

This feature lets you reuse or share an activity that supports both interactive users and services.

After you save this form, click to view a tree of the components that comprise the package. See About the Integration viewer. PROJ-311