Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure web services > Secure bus-enabled web services > Work with password-protected components
Access a password-protected proxy server
Configure access to an external web service or WSDL file through a password-protected proxy server.
Service integration technologies requires access to the Internet for invoking outbound services and for retrieval of external WSDL files. Many enterprise installations use a proxy server in support of Internet routing, and many proxy servers require authentication before they grant access to the Internet. This requirement is supported in HTTP messaging by a Proxy-Authorization message header that contains encoded user ID and password credentials.
To enable service integration technologies to invoke an outbound service you configure, for each outbound port, a proxy host, port and J2C authentication alias.
When you create or modify inbound or outbound services, the service integration bus might also have to pass messages through an authenticating proxy server to retrieve WSDL documents. Consequently configure the proxy host and port that are used.
Neither the admin console panels used to create a new web service configuration, nor the Reload WSDL option provided in the panels used to modify an existing web service configuration, allow you to enter an authentication alias for WSDL retrieval. If the bus needs to pass messages through an authenticating proxy server to retrieve WSDL documents, then use command-line tools to retrieve the WSDL.
Procedure
- Start the WAS administrative server.
- Start the admin console.
- To enable invocation of an outbound service through a password-protected proxy server...
- In the admin console navigation pane, click Service integration -> Buses -> security_value -> [Related Items] JAAS - J2C authentication data .
- Create a J2C authentication alias, providing an alias name, and the user ID and password required by the authenticating proxy server.
- Click OK.
- In the admin console navigation pane, click Service integration -> Buses -> bus_name -> [Services] Outbound Services -> service_name -> Outbound Ports -> port_name .
- Type into the appropriate fields the authenticating proxy host name, port, and the authentication alias you created.
- Click OK.
- To enable the service integration bus to pass messages through an authenticating proxy server to retrieve WSDL documents...
- In the admin console navigation pane, select Servers -> Server Types -> WebSphere application servers -> server_name
-> [Server Infrastructure] Java and Process Management -> Process Definition > [Additional Properties] Java Virtual Machine -> [Additional Properties] Custom Properties .
- Set the following properties:
- //publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=/ .proxySet
- Set this to true to tell the application server that it is required to work with an authenticating proxy.
- //publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=/ .proxyHost
- Set this to the machine name of the authenticating proxy.
- //publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=/ .proxyPort
- Set this to the port through which the authenticating proxy is accessed. For example 8080.
- //publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=/ .nonProxyHosts
- List the internal machines for which authentication is not required for routing through the proxy. Separate each machine name in the list with a vertical bar ("|").- This list must include the machine on which the bus is installed.
If the bus needs to pass messages through an authenticating proxy server to retrieve WSDL documents, then use command-line tools to retrieve the WSDL.
- Save your changes to the master configuration.
- Stop then restart the application server.
- Close the admin console.
Related
Bus-enabled web services troubleshooting tips
HTTP transport custom properties for web services applications