Configuring secure access to WS-Notification service points by using SOAP over HTTPS

Modify the configuration of existing WS-Notification service points to require use of SOAP over HTTPS instead of SOAP over HTTP as the binding for inbound requests from notification providers.

Before you begin

This task assumes that you have an existing WS-Notification service and service points, and that you are using the SOAP over HTTP binding for inbound requests.

About this task

By default the SOAP over HTTP endpoints used by service points accept both HTTP and HTTPS requests. HTTPS can be used by changing the endpoint URL prefix to https:// on each WS-Notification service point for the service, and modifying the port to the HTTPS port used by the server (default of 9443).

For Version 7.0 WS-Notification services, enterprise applications are used to expose the web services associated with the WS-Notification service. For Version 6.1 WS-Notification services, service integration endpoint listeners are used.

Procedure

  1. Start the administrative console.
  2. Navigate to Service integration -> WS-Notification -> Services -> service_name -> [Additional Properties] WS-Notification service points or Service integration -> Buses -> bus_name -> [Services] WS-Notification services -> service_name -> [Additional Properties] WS-Notification service points , then identify the WS-Notification service points for the WS-Notification service you want to secure.
  3. Configure HTTPS access individually on each of the WS-Notification service points by repeating the following sub-steps:
    For Version 7.0 WS-Notification services:
    1. In the content pane, click the name of a Version 7.0 WS-Notification service point in the list.
    2. Navigate to the associated enterprise application by clicking [Additional Properties] Service point application . The enterprise application settings panel is displayed.
      Note: You can also reach this panel by clicking Applications -> Application Types -> WebSphere enterprise applications -> application_name .
    3. In the enterprise application settings panel, click [Web Services Properties] Provide HTTP endpoint URL information.
    4. Specify the endpoint URL prefix (that is the protocol (HTTPS), host name, and port number) to use in the endpoint URL. You can select the default HTTPS prefix (https://your_host_name:9443) from a predefined list, or you can create and use your own custom HTTPS prefix. For more information, see Configuring endpoint URL information for HTTP bindings.
    For Version 6.1 WS-Notification services:
    1. Create a new endpoint listener with an https URL as the URL root.
    2. Modify this WS-Notification service point to associate the inbound port for the new endpoint listener with this service point. The https URL appears in the published WSDL file.
    3. Prevent the new endpoint listener from accepting HTTP connections by modifying the virtual host settings. For more information, see Virtual hosts and Creating a Secure Sockets Layer configuration.



In this information ...


Related concepts

IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms of Use | Feedback

Last updatedLast updated: Sep 19, 2011 3:08:41 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-nd-zos&topic=tjwsn_sec_sysa
File name: tjwsn_sec_sysa.html