[英]SOAP WS over https
I'm using WAS 8.5.5 我正在使用WAS 8.5.5
I have the following req. 我有以下要求。 :
:
I did the following : 我做了以下事情:
In either cases, it doesn't work. 在任何一种情况下,它都不起作用。 What I need is a simple guide to make a web service accessible only over https .
我需要的是一个简单的指南,使Web服务只能通过https访问 。
I'm not sure you can restrict access to a single web service to SSL this way. 我不确定您是否可以通过这种方式限制对单个Web服务的访问。 I took your screenshots one step further and clicked the
SSL transport
link. 我进一步截取了屏幕截图,然后点击了
SSL transport
链接。 I get the following. 我得到以下内容。
Notice the title says Outbound asynchronous service responses . 注意标题是出站异步服务响应 。 I don't think this is what you want.
我不认为这是你想要的。 Unfortunately, this is all you get when you click New for SSL on provider policy set bindings.
不幸的是,当您在提供程序策略集绑定上单击“ 新建 SSL”时,这就是您所获得的全部内容。
I would suggest bundling your "ssl-only" service in a different EAR and deploying it to a different server process. 我建议将您的“仅限ssl”服务捆绑在不同的EAR中,并将其部署到不同的服务器进程。 You can then restrict that server process to only receive requests over SSL by disabling non-SSL web container ports.
然后,您可以通过禁用非SSL Web容器端口将该服务器进程限制为仅通过SSL接收请求。
If you want to get adventurous, you can write a TAI to check that SSL is being used. 如果您想冒险,可以编写TAI来检查SSL是否正在使用。 But you asked for a simple way;
但是你问了一个简单的方法; and you have to dig in a bit to make a TAI truly secure (unfortunately, a lot of people don't).
你需要深入挖掘才能使TAI真正安全(不幸的是,很多人都没有)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.