堆栈内存溢出
  简体   繁体   English

SOAP WS over https

[英]SOAP WS over https

 原文  2015-02-25 16:15:44       web-services/ soap/ https/ websphere/ websphere-8

问题描述

I'm using WAS 8.5.5 我正在使用WAS 8.5.5

I have the following req. 我有以下要求。 :

  1. I have a two web services deployed and I wish only one of them accessible over https 我部署了两个Web服务,我希望其中只有一个可以通过https访问
  2. The rest of the applications deployed in the server must remain unaffected 部署在服务器中的其余应用程序必须保持不受影响

I did the following : 我做了以下事情:

  1. Attached the WSHTTPS default policy set as shown in the 附加了WSHTTPS默认策略集,如图所示 附图
  2. Created a copy of WSHTTPS default, created a 'General Provider Policy Set Binding' named test(please see the attached images 创建了WSHTTPS默认副本,创建了“通用提供程序策略集绑定”命名测试(请参阅附图 wshttps_default_edited_policy_not_workingCustom_policy_setCustom_provider_policy_set_binding ) and attached the both to the web service )并将两者附加到Web服务

In either cases, it doesn't work. 在任何一种情况下,它都不起作用。 What I need is a simple guide to make a web service accessible only over https . 我需要的是一个简单的指南,使Web服务只能通过https访问

1 个解决方案

解决方案1
 0  2015-03-02 15:52:28

I'm not sure you can restrict access to a single web service to SSL this way. 我不确定您是否可以通过这种方式限制对单个Web服务的访问。 I took your screenshots one step further and clicked the SSL transport link. 我进一步截取了屏幕截图,然后点击了SSL transport链接。 I get the following. 我得到以下内容。

在此输入图像描述

Notice the title says Outbound asynchronous service responses . 注意标题是出站异步服务响应 I don't think this is what you want. 我不认为这是你想要的。 Unfortunately, this is all you get when you click New for SSL on provider policy set bindings. 不幸的是,当您在提供程序策略集绑定上单击“ 新建 SSL”时,这就是您所获得的全部内容。

I would suggest bundling your "ssl-only" service in a different EAR and deploying it to a different server process. 我建议将您的“仅限ssl”服务捆绑在不同的EAR中,并将其部署到不同的服务器进程。 You can then restrict that server process to only receive requests over SSL by disabling non-SSL web container ports. 然后,您可以通过禁用非SSL Web容器端口将该服务器进程限制为仅通过SSL接收请求。

If you want to get adventurous, you can write a TAI to check that SSL is being used. 如果您想冒险,可以编写TAI来检查SSL是否正在使用。 But you asked for a simple way; 但是你问了一个简单的方法; and you have to dig in a bit to make a TAI truly secure (unfortunately, a lot of people don't). 你需要深入挖掘才能使TAI真正安全(不幸的是,很多人都没有)。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在Silverlight中通过https访问soap - Accessing soap over https in silverlight Https上的Java- SOAP Web服务 - Java- SOAP Web service over Https 你可以通过HTTPS运行soap吗? - Can you run soap over HTTPS? 通过https的PHP肥皂API调用不起作用 - php soap api call over https not working 消耗通过ServiceStack客户端通过SOAP公开的Java CXF WS - Consume Java CXF WS exposed over SOAP from ServiceStack client 如何使JAX-WS在生成的wsdl中使用https(http到https)作为soap:address - How to make JAX-WS use https (http to https) for soap:address in generated wsdl 无法加载外部实体“ https://ws.hipay.com/soap/payment-v2?wsdl” - failed to load external entity “https://ws.hipay.com/soap/payment-v2?wsdl” 两端均带有SSL证书的HTTPS上的SOAP客户端 - SOAP Client over HTTPS with SSL certificates on both sides 通过https的Tibco SOAP请求 - SSL证书验证问题 - Tibco SOAP request over https - SSL certificate verification problem 如何在C#中通过HTTPS使用SOAP服务? - How to consume a SOAP service over HTTPS in C#?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM