WAS v8.5 > Secure applications > Secure web services > Secure bus-enabled web services > Work with password-protected components

Access a password-protected proxy server

Configure access to an external web service or WSDL file through a password-protected proxy server.


Service integration technologies requires access to the Internet for invoking outbound services and for retrieval of external WSDL files. Many enterprise installations use a proxy server in support of Internet routing, and many proxy servers require authentication before they grant access to the Internet. This requirement is supported in HTTP messaging by a Proxy-Authorization message header containing encoded user ID and password credentials.

To enable service integration technologies to invoke an outbound service you configure, for each outbound port, a proxy host, port and J2C authentication alias.

When you create or modify inbound or outbound services, the service integration bus might also have to pass messages through an authenticating proxy server to retrieve WSDL documents. Consequently configure the proxy host and port used.

Neither the dmgr console panels used to create a new web service configuration, nor the Reload WSDL option provided in the panels used to modify an existing web service configuration, allow us to enter an authentication alias for WSDL retrieval. If the bus needs to pass messages through an authenticating proxy server to retrieve WSDL documents, then you must use command-line tools to retrieve the WSDL.

  1. Start the WebSphere Application Server administrative server.
  2. Start the dmgr console.
  3. To enable invocation of an outbound service through a password-protected proxy server...

    1. In the dmgr console navigation pane, click Service integration -> Buses -> security_value -> [Related Items] JAAS - J2C authentication data.
    2. Create a J2C authentication alias, providing an alias name, and the user ID and password required by the authenticating proxy server.

    3. Click OK.
    4. In the dmgr console navigation pane, click Service integration -> Buses -> bus_name -> [Services] Outbound Services -> service_name -> Outbound Ports -> port_name.

    5. Type into the appropriate fields the authenticating proxy host name, port, and the authentication alias you created.

    6. Click OK.

  4. To enable the service integration bus to pass messages through an authenticating proxy server to retrieve WSDL documents...

    1. In the dmgr console navigation pane, select Servers -> Server Types -> WebSphere application servers -> server_name -> [Server Infrastructure] Java and Process Management -> Process Definition > [Additional Properties] Java Virtual Machine -> [Additional Properties] Custom Properties.

    2. Set the following properties:

      • http.proxySet - Set this to true to tell the application server that it is required to work with an authenticating proxy.

      • http.proxyHost - Set this to the machine name of the authenticating proxy.

      • http.proxyPort - Set this to the port through which the authenticating proxy is accessed. For example 8080.

      • http.nonProxyHosts - List the internal machines for which authentication is not required for routing through the proxy. Separate each machine name in the list with a vertical bar ("|").
      • This list must include the machine on which the bus is installed.

    If the bus needs to pass messages through an authenticating proxy server to retrieve WSDL documents, then you must use command-line tools to retrieve the WSDL.

  5. Save your changes to the master configuration.
  6. Stop then restart the application server.
  7. Close the dmgr console.


Reference:

Bus-enabled web services troubleshooting tips
HTTP transport custom properties for web services applications


Related information:

Password-protecting inbound services
Password-protecting a web service operation
Invoking a password-protected outbound service


+

Search Tips   |   Advanced Search