IBM BJ0NJML Integration Guide - Page 197
Web Services, Securing Web Services, the application server with the appropriate digital certificates.
![]() |
View all IBM BJ0NJML manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 197 highlights
Web Services Object Structure Service Servlet Object Structure Service Servlet (HTTP POST) accessible by authorized users /os/* GET POST Roles that have access to Object Structure Service Servlet (HTTP POST) maximouser data transmission gaurantee NONE --> The preceding section refers to a single role, maximouser, which is defined farther down in the web.xml file. By default, the security constraint section is not commented out. An Integration User maximouser In addition, change the following web.xml value for useAppServerSecurity from 0 to 1 in the web.xml: Indicates whether to use Application Server security or not useAppServerSecurity java.lang.String 0 You can securely deploy a Web service by using SSL (HTTPS). Set up the SSL in the application server with the appropriate digital certificates. Web Services You can secure integration Web services by using HTTP basic authentication in standard J2EE security. These security settings let authorized users with a valid user name and password access Web services. Securing Web Services Security To enable Web service security, use the steps previously described for HTTP, referencing the following Web service-specific security-constraint blocks. The application web.xml file contains a section for the web service invocation. By default, this section is commented out. 183
![](/manual_guide/products/ibm-bj0njml-integration-guide-77e799f/197.png)