I'm using WAS 8.5.5
I have the following req. :
I did the following :
In either cases, it doesn't work. What I need is a simple guide to make a web service accessible only over https .
I'm not sure you can restrict access to a single web service to SSL this way. I took your screenshots one step further and clicked the SSL transport
link. I get the following.
Notice the title says Outbound asynchronous service responses . I don't think this is what you want. Unfortunately, this is all you get when you click New for SSL on provider policy set bindings.
I would suggest bundling your "ssl-only" service in a different EAR and deploying it to a different server process. You can then restrict that server process to only receive requests over SSL by disabling non-SSL web container ports.
If you want to get adventurous, you can write a TAI to check that SSL is being used. But you asked for a simple way; and you have to dig in a bit to make a TAI truly secure (unfortunately, a lot of people don't).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.