Securing JAX-RS 2.0 resource with SSL communications

 You can secure the JAX-RS 2.0 resource by using Secure Sockets Layer (SSL) transport layer security.

Before you begin

This task assumes that you completed the following steps:
  • You defined a cell profile for an application server, or for an application server that is federated to a network deployment manager. See the topic on creating cell profiles to learn how to create cell profiles that contain a federated application server node and a deployment manager.
  • You installed your JAX-RS 2.0 application onto the application server.

About this task

This task shows how to secure the server side of your JAX-RS 2.0 application by configuring the web.xml file.

Procedure

  1. Enable administrative security and application security in the WebSphere® Application Server traditional administrative console.

    Go to Security > Global security. In the Global security panel, select the Enable administrative security check box under Administrative security and the Enable application security check box under Application security.

  2. Develop your JAX-RS 2.0 web applications.
  3. Configure the web.xml file.

    To secure your JAX-RS resource, add the transport-guarantee subelement under the user-data-constraint element in the web.xml file and set its value to CONFIDENTIAL. Use the following example as a reference:

    <web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee web-app_3_0.xsd"
    	version="3.0">
    
    	<display-name>Security Test Application</display-name>
    	<description>Server-side application for Security Tests</description>
    
    	<servlet>
    		<servlet-name>com.ibm.ws.jaxrs.security.ssl.SSLApplication</servlet-name>
    		<load-on-startup>1</load-on-startup>
    	</servlet>
    	<servlet-mapping>
    		<servlet-name>com.ibm.ws.jaxrs.security.ssl.SSLApplication</servlet-name>
    		<url-pattern>/ssltest/*</url-pattern>
    	</servlet-mapping>
    
    	<security-constraint id="SecurityConstraint_1">
    		<web-resource-collection id="WebResourceCollection_1">
    			<web-resource-name>com.ibm.ws.jaxrs.security.ssl.SSLApplication</web-resource-name>
    			<description>Protection area for Rest Servlet</description>
    			<!-- The constraint applies to this URL pattern and only to the HTTP methods listed below -->
    			<url-pattern>/ssltest/ssl/get</url-pattern>
    			<http-method>GET</http-method>
    			<http-method>POST</http-method>
    		</web-resource-collection>
    		<user-data-constraint>
    			<!-- CONFIDENTIAL: matching requests must use an SSL-protected connection -->
    			<transport-guarantee>CONFIDENTIAL</transport-guarantee>
    		</user-data-constraint>
    	</security-constraint>
    
    	<login-config>
    		<auth-method>BASIC</auth-method>
    		<realm-name>test</realm-name>
    	</login-config>
    	<security-role id="SecurityRole_1">
    		<description>blabla</description>
    		<role-name>Role1</role-name>
    	</security-role>
    	<security-role id="SecurityRole_2">
    		<role-name>Role2</role-name>
    	</security-role>
    	<security-role id="SecurityRole_3">
    		<role-name>AuthenticationRole</role-name>
    	</security-role>
    </web-app>
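
The constraint above names only GET and POST on /ssltest/ssl/get, so under the Servlet specification other HTTP methods and other paths under the /ssltest/* mapping are not bound by CONFIDENTIAL. The following Python check is an added example, not part of the original IBM page; it audits a web.xml for both gaps, and its function names and trimmed sample input are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the example above, trimmed to the elements that decide TLS coverage.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">
  <servlet-mapping>
    <servlet-name>com.ibm.ws.jaxrs.security.ssl.SSLApplication</servlet-name>
    <url-pattern>/ssltest/*</url-pattern>
  </servlet-mapping>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>com.ibm.ws.jaxrs.security.ssl.SSLApplication</web-resource-name>
      <url-pattern>/ssltest/ssl/get</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
  </security-constraint>
</web-app>"""

def local(elem):
    """Tag name without the XML namespace prefix."""
    return elem.tag.rsplit("}", 1)[-1]

def texts(parent, name):
    """Trimmed text of every descendant element called `name`."""
    return [(e.text or "").strip() for e in parent.iter() if local(e) == name]

def covers(cp, mp):
    """True if constraint pattern `cp` protects every path of servlet mapping `mp`."""
    return cp in ("/*", mp) or (cp.endswith("/*") and (mp + "/").startswith(cp[:-1]))

def audit_transport_guarantee(web_xml):
    """Return findings about requests that CONFIDENTIAL does not force onto TLS."""
    root = ET.fromstring(web_xml)
    findings, protected = [], []
    for sc in (e for e in root if local(e) == "security-constraint"):
        if "CONFIDENTIAL" not in texts(sc, "transport-guarantee"):
            continue
        methods = texts(sc, "http-method")
        for pattern in texts(sc, "url-pattern"):
            if methods:  # listed methods only: every other method stays uncovered
                findings.append(f"{pattern}: only {','.join(methods)} require TLS")
            else:
                protected.append(pattern)
    for sm in (e for e in root if local(e) == "servlet-mapping"):
        for pattern in texts(sm, "url-pattern"):
            if not any(covers(p, pattern) for p in protected):
                findings.append(f"{pattern}: mapping not fully covered by CONFIDENTIAL")
    return findings
```

A constraint whose url-pattern matches the servlet mapping and that lists no http-method elements produces no findings.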

Results

You can now call the resource over an encrypted SSL connection.





Last updated: July 9, 2016 11:18
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=twbs_jaxrs_impl_securejaxrs2
File name: twbs_jaxrs_impl_securejaxrs2.0_serverssl.html