The gateway requires access to the Internet for invoking Web services and for retrieval of WSDL files. Many enterprise installations use a proxy server in support of Internet routing, and many proxy servers require authentication before they grant access to the Internet.
Why and when to perform this task
This requirement is supported in HTTP messaging by a Proxy-Authorization message header that contains encoded user name and password credentials.
For messages passing through the gateway, you can enable and disable proxy authentication, and specify whether the authentication credentials are supplied by the service requester or by the gateway. If you specify requester-supplied credentials, the credentials in the HTTP message that the gateway receives are re-instantiated by the gateway in the equivalent message that it sends on to the proxy. If you specify gateway-supplied credentials, the gateway ignores any credentials in the incoming HTTP message and supplies its own credentials in the equivalent message that it sends on to the proxy.
In certain circumstances, the gateway also creates and sends its own messages (for example for WSDL retrieval). In these cases the gateway always supplies its own credentials to the authenticating proxy. Therefore even if you enable proxy authentication and specify requester-supplied credentials, you must still supply credentials for the gateway.
To enable proxy authentication for the gateway, complete the following steps:
Steps for this task
Gateway
Note: You also use the gateway configuration form to set the namespace URI and WSDL URI for the Web services gateway.
Note: If you enable proxy authentication then this field is compulsory, even if you also specify requester-supplied credentials as described in a subsequent step.
Note: If you enable proxy authentication then this field is compulsory, even if you also specify requester-supplied credentials as described in the next step.
With this setting, each incoming message to the gateway from a service requester is expected to contain a valid Proxy-Authorization HTTP message header. This header is re-instantiated by the gateway in the equivalent message that it sends to the proxy.
For gateway-initiated messaging, such as WSDL retrieval, the gateway supplies its own credentials in the HTTP messages that it sends to the proxy.
With this setting, a trust association is established between the gateway and the authenticating proxy. The gateway supplies its own credentials in all messages that it sends to the proxy, and no user name or password is required from service requesters for invoking Web services.