REST gateway: Security configuration

You can use the REST gateway in a secured data grid configuration. To access secured data grids, provide the user ID and password in an authorization header. Transport security can be used with the REST gateway, but introduces additional processing for the appliance.

Authentication and authorization

To access to a data grid map through the REST gateway, the user must be authenticated and authorized to access the specified data grid in the URI. The application client must provide a basic authorization header with the authorized user ID and password in the HTTP headers of the HTTP request.
Authorization: Basic <base64 encoded string of “userid:password”>
For more information about the basic authorization header format, see Wikipedia: Basic access authentication.

Transport security

Clients that are using the REST Gateway can use the HTTPS protocol if transport security is required. Using HTTPS instead of HTTP introduces significant additional processing burden on the WebSphere® DataPower® XC10 Appliance to process the request.