+

Search Tips   |   Advanced Search

Accessing a password-protected proxy server

Configure access to an external web service or WSDL file through a password-protected proxy server.

Service integration technologies requires access to the Internet for invoking outbound services and for retrieval of external WSDL files. Many enterprise installations use a proxy server in support of Internet routing, and many proxy servers require authentication before they grant access to the Internet. This requirement is supported in HTTP messaging by a Proxy-Authorization message header containing encoded user ID and password credentials.

To enable service integration technologies to invoke an outbound service we configure, for each outbound port, a proxy host, port and J2C authentication alias.

When we create or modify inbound or outbound services, the service integration bus might also have to pass messages through an authenticating proxy server to retrieve WSDL documents. Consequently configure the proxy host and port used.

Neither the administrative console panels used to create a new web service configuration, nor the Reload WSDL option provided in the panels used to modify an existing web service configuration, allow us to enter an authentication alias for WSDL retrieval. If the bus needs to pass messages through an authenticating proxy server to retrieve WSDL documents, then use command-line tools to retrieve the WSDL.


Tasks

  1. Start the WebSphere Application Server administrative server.

  2. Start the administrative console.

  3. To enable invocation of an outbound service through a password-protected proxy server:

    1. In the administrative console navigation pane, click Service integration -> Buses -> security_value -> [Related Items] JAAS - J2C authentication data.
    2. Create a J2C authentication alias, providing an alias name, and the user ID and password required by the authenticating proxy server.

    3. Click OK.

    4. In the administrative console navigation pane, click Service integration -> Buses -> bus_name -> [Services] Outbound Services -> service_name -> Outbound Ports -> port_name.

    5. Type into the appropriate fields the authenticating proxy host name, port, and the authentication alias we created.

    6. Click OK.

  4. To enable the service integration bus to pass messages through an authenticating proxy server to retrieve WSDL documents:

    1. In the administrative console navigation pane, select Servers -> Server Types -> WebSphere application servers -> server -> [Server Infrastructure] Java and Process Management -> Process Definition > [Additional Properties] Java Virtual Machine -> [Additional Properties] Custom Properties.

    2. Set the following properties:

      • http.proxySet - Set this to true to tell the application server that it is required to work with an authenticating proxy.
      • http.proxyHost - Set this to the machine name of the authenticating proxy.
      • http.proxyPort - Set this to the port through which the authenticating proxy is accessed. For example 8080.
      • http.nonProxyHosts - List the internal machines for which authentication is not required for routing through the proxy. Separate each machine name in the list with a vertical bar ("|").
      • This list must include the machine on which the bus is installed.

    If the bus needs to pass messages through an authenticating proxy server to retrieve WSDL documents, then use command-line tools to retrieve the WSDL.

  5. Save changes to the master configuration.

  6. Stop then restart the application server.
  7. Close the administrative console.

  • Bus-enabled web services troubleshooting tips
  • HTTP transport custom properties for web services applications
  • Password-protecting inbound services
  • Password-protecting a web service operation
  • Invoking a password-protected outbound service