Deployment Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

271

272

273

274

275

276

277

278

279

280

l At the lowest level, the kernel provides basic functions common to the entire system. This includes the Web

interface framework, appliance operating system, and runtime support services.

l The network layer provides critical networking support, including the RADIUS server and the ability for network

administrators to manage and control the networking aspects of the appliance.

l The services layer provides one or more implementations of application services that are used by the layers above.

Examples of these services include managing a user database used for AAA, handling the authentication of

operators, and providing translated text resources.

l The presentation layer supplies the tools and framework necessary for the appliance software to interact with the

outside world. The basic presentation layer services include authentication checks, session establishment, input

checking, validation and conversion, and command execution. Both SOAP and HTML presentation methods are

supplied, which adapt the underlying basic presentation to appropriate conventions suitable for a machine-to-

machine or human-to-machine interaction.

l The application layer provides the page templates, business logic, and the concrete features making up visitor

management applications such as Guest Manager or Hotspot Manager. These applications are built using the

services provided by the lower layers.

Authentication and Access Control

SOAP API requests require that operator authentication information is provided using HTTP Basic authentication.

Page privileges are applied to SOAP authenticated sessions in the same way as the HTML user interface. However,

SOAP access also requires the SOAP API privilege to be granted.

Refer to "Using the SOAPAPI" on page 278 for details on creating an operator profile with suitable privileges for

SOAP API access.

HTTP headers

When making a SOAP API request, the SOAPAction HTTP header is required. The value of this header indicates

the type of request being made.

The Content-Type header must be specified as either text/xml or the application/soap+xml MIME type.

The Authorization header must contain a valid HTTP Basic authentication string, as specified in RFC 2617.

Character Set Encoding

ClearPass Guest supports the Unicode character set, using the UTF-8 encoding. Although other character sets are

supported, it is recommended that all SOAP API requests be constructed using the UTF-8 character set, as this

eliminates the need for character set conversions while also allowing all Unicode characters to be expressed directly.

The character set encoding of a request may be specified using the Content-Type header, for example:

Content-Type: text/xml; charset=utf-8

SOAP Faults

SOAP 1.1 defines a generalized fault response which is used to indicate that the server could not process the body of

the request. The SOAP <Fault> element contains a description of the error, which is divided into a <faultcode>

that briefly summarizes the problem, and a <faultstring> that contains a description of the error.

Additionally, the API-specific details of the error are provided in a <details> element.

The following table lists the fault codes and corresponding descriptions that might be encountered while using the

SOAP API:

Dell Networking W-ClearPass Guest 6.1 | Deployment Guide Administration | 277