ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/webserv/wsseccfahttp.htm

72 lines
4.0 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Configure HTTP basic authentication for Web services</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h5><a name="wsseccfahttp"></a>Configure HTTP basic authentication for Web services</h5>
<p>HTTP basic authentication uses a username and password to authenticate a service client to a secure endpoint.</p>
<p>WebSphere Application Server - Express can have several resources, including Web services, protected by the J2EE security model.</p>
<p>A simple way to provide authentication data for the service client is to authenticate to the protected service endpoint to the HTTP basic authentication. The basic authentication is located in the HTTP header that carries the Simple Object Access Protocol (SOAP) request. When the application server receives the HTTP request, the username and password are retrieved and verified using the authentication mechanism specific to the server.</p>
<p><strong>Note:</strong> To use HTTP basic authentication for Web services, you must configure WebSphere global security. For more information, see <a href="../sec/seccglo.htm">Configure global security</a> in the <em>Security</em> topic.</p>
<p>Although the basic authentication data is base64-encoded, it is recommended that the data is sent over HTTPS. The integrity and confidentiality of the data can be protected by the Secured Sockets Layer (SSL) protocol.</p>
<p>In come cases, a firewall is present using the PASS-THRU HTTP proxy server. The HTTP proxy server forwards the basic authentication data into the J2EE application server. The proxy server can also be protected. Applications can specify the proxy data by setting properties in a stub object.</p>
<p>You can configure the username and password for HTTP basic authentication with the ibm-webservicesclient-bnd.xmi deployment descriptor, or using the properties mechanism for the configuration of a stub or call instance at run time.</p>
<ul>
<li><p><strong>Edit the ibm-webservicesclient-bnd.xmi deployment descriptor</strong>
<br>Specify the attribute basicAuth for each <tt>portQNameBindings</tt> of each <tt>serviceRef</tt>. For example:</p>
<pre>&gt;basicAuth userid=&quot;myID&quot; password=&quot;myPassword&quot;\&gt;</pre></li>
<li><p><strong>Set properties</strong>
<br>The values set by the properties mechanism take precedence over the values defined by the ibm-webservicesclient-bnd.xmi deployment descriptor.</p>
<p>Change the following properties:</p>
<ul>
<li><tt>javax.xml.rpc.Call.USERNAME_PROPERTY</tt></li>
<li><tt>javax.xml.rpc.Call.PASSWORD_PROPERTY</tt></li>
<li><tt>javax.xml.rpc.Stub.USERNAME_PROPERTY</tt></li>
<li><tt>javax.xml.rpc.Stub.PASSWORD_PROPERTY</tt></li>
</ul>
<p>You can also configure Proxy data using the properties mechanism described by using the following properties to configure your Web services application:</p>
<ul>
<li>For HTTP:
<ul>
<li><tt>com.ibm.wsspi.webservices.HTTP_PROXYHOST_PROPERTY</tt></li>
<li><tt>com.ibm.wsspi.webservices.HTTP_PROXYPORT_PROPERTY</tt></li>
<li><tt>com.ibm.wsspi.webservices.HTTP_PROXYUSER_PROPERTY</tt></li>
<li><tt>com.ibm.wsspi.webservices.HTTP_PROXYPASSWORD_PROPERTY</tt></li>
</ul><p></p></li>
<li>For HTTPS:
<ul>
<li><tt>com.ibm.wsspi.webservices.HTTPS_PROXYHOST_PROPERTY</tt></li>
<li><tt>com.ibm.wsspi.webservices.HTTPS_PROXYPORT_PROPERTY</tt></li>
<li><tt>com.ibm.wsspi.webservices.HTTPS_PROXYUSER_PROPERTY</tt></li>
<li><tt>com.ibm.wsspi.webservices.HTTPS_PROXYPASSWORD_PROPERTY</tt></li>
</ul></li>
</ul></li>
</ul>
<p>After you have deployed your Web service, <a href="wsseccfhttpssl.htm">Edit the HTTP basic authentication configuration</a> with the WebSphere administrative console.</p>
</body>
</html>