SOAP WS over https
Question
I'm using WAS 8.5.5
I have the following req. :
- I have a two web services deployed and I wish only one of them accessible over https
- The rest of the applications deployed in the server must remain unaffected
I did the following :
- Attached the WSHTTPS default policy set as shown in the
- Created a copy of WSHTTPS default, created a 'General Provider Policy Set Binding' named test(please see the attached images
) and attached the both to the web service
In either cases, it doesn't work. What I need is a simple guide to make a web service accessible only over https .
1 answers
solution1
0 2015-03-02 15:52:28
I'm not sure you can restrict access to a single web service to SSL this way. I took your screenshots one step further and clicked the SSL transport link. I get the following.
Notice the title says Outbound asynchronous service responses . I don't think this is what you want. Unfortunately, this is all you get when you click New for SSL on provider policy set bindings.
I would suggest bundling your "ssl-only" service in a different EAR and deploying it to a different server process. You can then restrict that server process to only receive requests over SSL by disabling non-SSL web container ports.
If you want to get adventurous, you can write a TAI to check that SSL is being used. But you asked for a simple way; and you have to dig in a bit to make a TAI truly secure (unfortunately, a lot of people don't).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.