Configure HTTP outbound transport level security with an assembly tool
This topic explains how to configure the HTTP outbound transport level security with an assembly tool.
You can configure HTTP outbound transport level security with assembly tools provided with WAS.
This task is one of several ways that you can configure the HTTP outbound transport level security for a Web Service acting as a client to another Web service server. You can also configure the HTTP outbound transport level security with the console or by using the Java properties. If you do not configure the HTTP outbound transport level security, the Web services runtime defers to the J2EE security runtime in the WebSphere product for an effective Secure Sockets Layer (SSL) configuration. If there is no SSL configuration with the J2EE security runtime in the WebSphere product, the Java Secure Socket Extension (JSSE) system properties are used.
Overview
If you configure the HTTP outbound transport level security with assembly tool or with the console, the Web services security binding information is modified. If you have not yet installed the Web services application into WAS, you can configure the HTTP SSL configuration with an assembly tool. This task assumes that you have not deployed the Web services application into the WebSphere product.
If you configure the HTTP outbound transport level security using the standard Java properties for JSSE, the properties are configured as system properties. The configuration that is specified in the binding takes precedence over the Java properties. However, the configurations that are specified by the J2EE security programming model, or are associated with the Dynamic selection, have a higher precedence.
Review the topic Secure communications using Secure Sockets Layer for more information.
Configure the HTTP outbound transport level security with the following steps provided in this task section.
Procedure
- Start an assembly tool. See "Starting WAS Toolkit" in the Application Server Toolkit documentation for more information.
- If you have not done so already, configure the assembly tool to work on J2EE modules. Verify the J2EE and Web categories are enabled. See "Configuring WAS Toolkit" in the Application Server Toolkit documentation for more information.
- Migrate the WAR files that are created with the Assembly Toolkit, Application Assembly Tool (AAT) or a different tool to an IBM assembly tool. To migrate files, import your WAR files to the assembly tool. See "Importing WAR files" in the Application Server Toolkit documentation for more information.
- Configure the HTTP outbound transport level security. See "Enabling Web service endpoints" in the Application Server Toolkit documentation for more information.
Results
You have configured the HTTP outbound transport level security for a Web Service acting as a client to another Web service with an assembly tool.
What to do next
Configure Federal Information Processing Standard Java Secure Socket Extension files
Securing Web services for V5.x applications based on WS-Security
Securing Web services applications using JAX-RPC at the message level
Authenticating Web services clients using HTTP basic authentication
Securing Web services applications at the transport level
Related Reference
HTTP SSL Configuration collection