friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzatz_5.4.0.1/51/webserv/wsseccfahttp.htm

122 lines
7.5 KiB
HTML
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Configure HTTP basic authentication for Web services</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h4><a name="wsseccfahttp"></a>Configure HTTP basic authentication for Web services</h4>
<p>HTTP basic authentication uses a username and password to authenticate a service client to a secure endpoint. HTTP basic authentication is orthogonal to the security support provided by WS-Security or HTTP Secure Sockets Layer (SSL) configuration.</p>
<p>A simple way to provide authentication data for the Web service client is to authenticate to the protected service endpoint with HTTP basic authentication. The basic authentication information is located in the HTTP header that carries the Simple Object Access Protocol (SOAP) request. When the application server receives the HTTP request, the username and password are retrieved and verified using the authentication mechanism specific to the server. To use HTTP basic authentication for Web services, you must configure WebSphere global security. For more information, see <a href="../sec/seccglo.htm">Configure global security</a> in the <em>Security</em> topic.</p>
<p>Although the basic authentication data is Base64-encoded, it is recommended that the data is sent over HTTPS. The integrity and confidentiality of the data can be protected by the Secured Sockets Layer (SSL) protocol. The following steps include instructions for enabling SSL for your Web service client.</p>
<p>In come cases, a firewall is present using the PASS-THRU HTTP proxy server. The HTTP proxy server forwards the basic authentication data into the J2EE application server. The proxy server can also be protected. Applications can specify the proxy data by setting properties in a stub object.</p>
<p>To configure HTTP basic authentication, use the WebSphere Application Server - Epxress tools to modify the binding information or programmatically set properties in a Stub or Call object. The values that are set programmatically take precedence over the values that are defined in the binding. However, the HTTP proxy authentication can only be configured programmatically.</p>
<ol>
<li><p><strong>Configure HTTP basic authentication in the client deployment descriptor.</strong>
<br>Before installing the Web services application, WebSphere Studio Development Client for iSeries to configure the HTTP basic authentication in the Web Services Client Port Binding page for a Web service or a Web service client. The Web Services Client Port Binding page is available when you open the webservicesclient.xml deployment descriptor file.</p></li>
<li><p>(Optional) <strong>Configure SSL in the client deployment descriptor.</strong>
<br>For more information, see <a href="wsseccfssl.htm">Configure client-side SSL for Web services</a>.</p></li>
<li><p>(Optional) <strong>Create an SSL repertoire configuration entry.</strong>
<br>Define an SSL repertoire for an existing service endpoint. For more information, see <a href="../sec/seccsslr.htm">Use SSL configuration repertoires</a> in the <em>Security</em> topic.</p></li>
<li><p>(Optional) <strong>Configure HTTP basic authentication for the Web services client.</strong>
<br>If your Web service acts as a client to another Web servers, you can use the administrative console to configure the client security bindings after you deploy it to WebSphere Application Server - Express.</p>
<p>Perform the following steps in the WebSphere administrative console:</p>
<ol type="a">
<li>Expand <strong>Applications</strong>, and click <strong>Enterprise Applications</strong>.</li>
<li>Click the name of your application.</li>
<li>Under <strong>Related Items</strong>, click <strong>Web Module</strong>.</li>
<li>Click the name of your URI.</li>
<li>Click <strong>Web Services: Client Security Bindings</strong>.</li>
<li>Locate the <strong>HTTP Basic Authentication</strong> field.</li>
<li>Configure HTTP Basic authentication:
<ol>
<li>Click <strong>Edit</strong>.</li>
<li>Enter the user ID and password.</li>
<li>Click <strong>OK</strong>.</li>
</ol></li>
<li>(Optional) Configure HTTP SSL:
<ol>
<li>Locate the <strong>HTTP SSL Configuration</strong> field.</li>
<li>Click <strong>Edit</strong>.</li>
<li>Select <strong>HTTP SSL Enabled</strong>.</li>
<li>Select an SSL alias in the <strong>HTTP SSL Configuration</strong> field.</li>
<li>Click <strong>OK</strong>.</li>
</ol></li>
<li>Save your configuration.</li>
<li>Restart your Web services application.</li>
</ol><p></p></li>
<li><p><strong>Configure HTTP basic authentication for the Web service.</strong>
<br>After you configure the Web services client bindings, you must configure the Web service that acts as the server. The ID and password that you specify for the Web service must match the ID and password that you specified for the client.</p>
<p>Perform the following steps in the WebSphere administrative console:</p>
<ol type="a">
<li>Expand <strong>Applications</strong>, and click <strong>Enterprise Applications</strong>.</li>
<li>Click the name of your application.</li>
<li>Under <strong>Related Items</strong>, click <strong>Web Module</strong>.</li>
<li>Click the name of your URI.</li>
<li>Click <strong>Web Services: Client Security Bindings</strong>.</li>
<li>Locate the <strong>HTTP Basic Authentication</strong> field.</li>
<li>Configure HTTP Basic authentication:
<ol>
<li>Click <strong>Edit</strong>.</li>
<li>Enter the user ID and password.</li>
<li>Click <strong>OK</strong>.</li>
</ol></li>
<li>(Optional) Configure HTTP SSL:
<ol>
<li>Locate the <strong>HTTP SSL Configuration</strong> field.</li>
<li>Click <strong>Edit</strong>.</li>
<li>Select <strong>HTTP SSL Enabled</strong>.</li>
<li>Select an SSL alias in the <strong>HTTP SSL Configuration</strong> field.</li>
<li>Click <strong>OK</strong>.</li>
</ol></li>
<li>Save your configuration.</li>
<li>Restart your Web services application.</li>
</ol><p></p></li>
<li><p><strong>Programmatically configure HTTP basic authentication.</strong>
<br>Programmatically set the following properties in the stub or call object for a Web service or a Web service client:</p>
<pre> javax.xml.rpc.Call.USERNAME_PROPERTY
javax.xml.rpc.Call.PASSWORD_PROPERTY
javax.xml.rpc.Stub.USERNAME_PROPERTY
javax.xml.rpc.Stub.PASSWORD_PROPERTY</pre></li>
<li><p>(Optional) <strong>Programmatically configure HTTP proxy authentication.</strong>
<br>Set the following properties in the stub or call object to configure the HTTP proxy authentication:</p>
<pre> com.ibm.wsspi.webservices.HTTP_PROXYHOST_PROPERTY
com.ibm.wsspi.webservices.HTTP_PROXYPORT_PROPERTY
com.ibm.wsspi.webservices.HTTP_PROXYUSER_PROPERTY
com.ibm.wsspi.webservices.HTTP_PROXYPASSWORD_PROPERTY</pre></li>
<li><p>(Optional) <strong>Programmatically configure HTTPS proxy authentication.</strong>
<br>Set the following properties for HTTPS:</p>
<pre> com.ibm.wsspi.webservices.HTTPS_PROXYHOST_PROPERTY
com.ibm.wsspi.webservices.HTTPS_PROXYPORT_PROPERTY
com.ibm.wsspi.webservices.HTTPS_PROXYUSER_PROPERTY
com.ibm.wsspi.webservices.HTTPS_PROXYPASSWORD_PROPERTY</pre></li>
</ol>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink