Configuring Web Services Security when Using the Application Web Server (Real-Time, Windows)

You can use Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL), encryption, user and group permissions, and API keys to establish secure communication between Web clients and LabVIEW Web services.

Complete the following procedures to establish the different methods of Web services security:

Note Note  

Assigning Permissions to Web Service Files

You can require a specific permission for the following types of files:

Complete the following steps to configure a Web service to accept only HTTP requests from Web clients with valid permissions:

  1. Right-click the Web service project item in the project tree and select Properties to display the Web Service Properties dialog box.
  2. Browse to the page that applies to the type of file you want to configure:
  3. In the Required permissions table, add the name of a permission you previously created in the Security Configuration page of NI Web-based Configuration & Monitoring.

Accessing Web Service Files with Permissions

A Web client must provide a valid username and password whenever the client submits an HTTP request for a file protected by permissions. The username and password must correspond to a user in the NI Web-based Configuration & Monitoring utility that has been granted the same permission added for the HTTP method VI or public static file.

Use the OpenHandle VI to provide a username and password for HTTP requests made by a Web client built in LabVIEW.

Configuring API Key Security

You also can use API keys to restrict which clients can send HTTP requests to HTTP method VIs. An API key is a string of seemingly random characters that consists of two parts, an access ID and a secret ID. The access ID works similarly to a username, and the secret ID works similarly to a password intended only for authorized clients.

You can configure a single API key that applies to all Web services running on any web server, including the Application Web Server, web servers for embedded applications, and the Web service debugging server. You first must configure an access ID and secret ID for the Web Server to generate API keys. Then you must enable API key security for each URL mapping that you want to protect.

Configuring API Key Security on the Web Server

To establish an access ID and secret ID on the Application Web Server, launch the NI Web-based Configuration & Monitoring utility and navigate to the Web Server Configuration page. Use the Web Services API Key tab to generate, apply, and reset API keys.

Securing URL Mappings with API Key Security

Complete the following steps to enable API key security for an HTTP method VI in a Web service:

  1. Right-click the Web service project item in the project tree and select Properties to display the Web Service Properties dialog box.
  2. On the HTTP Method VI Settings page, select a VI from the Web Service VI table, and click the�Application Web Server�tab in the�Web Service VI Properties.
  3. Place a checkmark in the Require API key checkbox.

Accessing URL Mappings with API Key Security

When you establish an API key and enable that API key for an HTTP method VI, any HTTP request from a Web client that corresponds to the VI must contain the correct API key. You can use the SetAPIKey VI to configure a Web client built in LabVIEW to provide an API key when making HTTP requests.

Related Information

Hosting Web Services