When working with policy sets in the administrative console, you
can customize policies to ensure message security. You can customize the Hypertext
Transfer Protocol (HTTP) transport policy configuration or use the policy
as it is provided with the default settings.
Before you begin
You can configure some settings for default policies for custom policy
sets. The provided default policy sets cannot be edited. To customize a policy
set, you must create a copy of the default policy set or create a new policy
set and specify the policies for the custom policy set.
About this task
You can configure HTTP transport with the HTTP transport policy.
HTTP is an application-level protocol for distributed, collaborative, hypermedia
information systems. It is a generic, stateless, protocol that can be used
for many tasks beyond its use for hypertext, such as name servers and distributed
object management systems, through extension of request methods, error codes
and headers. A feature of HTTP is the typing and negotiation of data representation,
allowing systems to be built independently of the data being transferred.
HTTP features and HTTP connections properties are applied to outbound messages
for both the service client and service provider.
You can only configure
a policy through a policy set. Therefore, before you can configure the HTTP
transport policy, a policy set must exist that contains the HTTP transport
policy. The provided default WSHTTPS policy set is read only and it cannot
be edited. To customize a policy set that contains the HTTP transport policy,
you must first create a copy of the WSHTTPS default policy set or create a
new policy set and add the HTTP transport policy to the new policy set.
Avoid trouble: The WSHTTPS default policy set contains the HTTP transport
policy, the SSL transport policy and WS-Addressing policy. If you do not require
the SSL transport policy or the WS-Addressing policy, you can customize your
copy of the WSHTTPS default policy set to delete the policies that you do
not require.
gotcha
After you have created a copy of the WSHTTPS default
policy set or created a new policy set with the HTTP transport policy added,
you can customize the HTTP transport policy. Use the HTTP transport policy
settings panel to customize the values of the HTTP transport policy properties
such as read or write timeout values. Your customized values for the HTTP
transport policy now apply for your policy set that contains that custom HTTP
transport policy. You can attach this policy set containing your customized
HTTP transport policy to your Java API for XML-Based Web Services (JAX-WS)
application, its services, endpoints, or operations. This change affects all
JAX-WS applications to which that policy set is attached. To learn more about
attaching policy sets to applications, see the documentation for managing
policy sets for service providers and service clients at the application level.
For
example, if you have multiple policy sets, mypolicyset1 and mypolicyset2,
containing the HTTP transport policy, you can customize the HTTP transport
policy for each policy set to reflect different properties, such as timeout
values. Now, you can attach these customized policy sets to one or more applications
and these applications will use the HTTP property values associated with the
HTTP transport policy that is contained within the attached policy set.
Procedure
- Customize a HTTP transport policy in a policy set.
From
the administrative console, click Services > Policy Sets > Application
Policy Sets > copy_of_ WSHTTPS default > HTTP transport or Services
> Policy Sets > Application Policy Sets > new_HTTP_transport_policy_set >
HTTP transport. The HTTP transport window displays options for configuring
the HTTP settings for the transport policy.
- In the Protocol Version drop down list, click the HTTP
version to use. HTTP 1.1 is the default setting but HTTP 1.0 is
also available. Selecting HTTP 1.1 enables more of the function on the rest
of the HTTP transport window as some of the options are not available for
HTTP version 1.0.
- Complete the HTTP Features section. The following
check boxes determine which HTTP features are enabled for this transport:
- Session Enabled
- Whether the HTTP session is enabled when a message is sent.
- Enable chunked transfer encoding
- Whether chunked transfer encoding is enabled when a message is sent. This
option is only available if HTTP 1.1 is selected in the Protocol version field
(it is greyed out and disabled if HTTP 1.0 is selected).
- Send expect "100-request" header
- Displays whether the expect "100-request" header is enabled when a message
is sent. This option is only available if HTTP 1.1 is selected in the Protocol
version field (it is greyed out and disabled if HTTP 1.0 is selected).
- Accept URL redirection automatically
- Displays whether the URL is automatically redirected when a message is
sent.
- Compress request content
- Displays whether the request content is compressed when a message is sent.
- Compress response content
- Displays whether the response content is compressed when a message is
sent.
- Complete the HTTP Connections section. The following
fields determine how HTTP connections are configured for this transport:
- Read timeout
- Displays the length of time, in seconds, for the read to time out when
a message is sent.
- Write timeout
- Displays the length of time, in seconds, for the write to time out when
a message is sent.
- Connection timeout
- Displays the length of time, in seconds, for the connection to time out
when a message is sent.
- Use persistent connection
- Displays whether a persistent connection is to be used when a message
is sent. This option is only available if HTTP 1.1 is selected in the Protocol
version field.
- Resend enabled
- Displays whether or not a message can be resent. Click this check box
to enable a message to be sent again.
- Customize the HTTP transport default bindings. From
the administrative console, click Services > Policy sets > Default policy
set bindings > HTTP transport. The HTTP transport (bindings) window displays
options for configuring the HTTP transport bindings.
- Complete the fields in the Proxy for outbound service requests
section. The following fields determine proxy specifications for
outbound service requests:
- Host
- Displays the host name for the outbound service request proxy.
- Port
- Displays the port number for the outbound service request proxy.
- User name
- Displays the user name for the outbound service request proxy.
- Password
- Displays a placeholder for the password for the outbound service request
proxy. The actual password is masked.
- Confirm password
- Displays a placeholder for the password for the outbound service request
proxy that must match the one in the Password field. The actual password
is masked.
- Complete the fields in the Basic authentication for outbound
service requests section. The following fields determine authentication
specifications for outbound service requests:
- User name
- Displays the user name for basic authentication of outbound service requests.
- Password
- Displays a placeholder for the password for basic authentication of outbound
service requests. The actual password is masked.
- Confirm password
- Displays a placeholder for the password for basic authentication of outbound
service requests that must match the one in the Password field. The
actual password is masked.
- Complete the fields in the Proxy for outbound asynchronous service
responses section. The following fields determine proxy specifications
for outbound asynchronous service responses:
- Host
- Displays the host name for the outbound asynchronous service responses
proxy.
- Port
- Displays the port number for the outbound asynchronous service responses
proxy. You can enter or edit the port number.
- User name
- Displays the user name for the outbound asynchronous service responses
proxy.
- Password
- Displays a placeholder for the password for the outbound asynchronous
service responses proxy. You can enter or edit the password. The actual password
is masked.
- Confirm password
- Displays a placeholder for the password for the outbound asynchronous
service responses proxy that must match the one in the Password field.
The actual password is masked.
- Complete the fields in the Basic authentication for outbound
asynchronous responses. The following fields determine authentication
specifications for outbound asynchronous responses:
- User name
- Displays the user name for basic authentication of outbound asynchronous
responses.
- Password
- Displays a placeholder for the password for basic authentication of outbound
asynchronous responses. The actual password is masked.
- Confirm password
- Displays a placeholder for the password for basic authentication of outbound
asynchronous responses that must match the one in the Password field.
The actual password is masked.
Results
After you have customized the HTTP transport policy, the associated
policy set uses this policy to protect message transmission.
Example
You can attach policy sets to an application, its services, endpoints,
or operations. In this example scenario, suppose you have two different JAX-WS
service clients for your application, but you want to use different HTTP transport
property values for each service client. Specifically, you want to configure
a different read or write timeout value for each service client. To modify
the HTTP timeout values, you can edit the values of the HTTP transport policy
that is contained within the policy set that is attached to your application
or in this case, your service client. This change affects all applications
to which the policy set containing the custom HTTP transport policy is attached.
This example describes the steps for configuring different read, write,
and connection timeout values for service clients deployed in the same WebSphere
Application Server with Feature Pack for Web Services enabled. This example
makes the following assumptions:
- There are two JAX-WS service clients, ServiceClient1 and ServiceClient2,
that are deployed in WebSphere Application Server with Feature Pack for Web
Services enabled.
- The HTTP transport policy has not been previously attached to these applications.
- Create two new policy sets and add the HTTP Transport policy to them.
For example: HTTPServiceClient1Policy and HTTPServiceClient2Policy
- Click .
- Enter the name of the new application policy set, HTTPServiceClient1Policy.
- Click .
- From the Policies collection, click .
- Click and to save your changes to the master
configuration.
- Repeat these steps to create the HTTPServiceClient2Policy.
- Customize the HTTP Transport policy settings for the newly created HTTPServiceClient1Policy
and HTTPServiceClient2Policy policies. For example, customize the read and
write timeout values for the HTTPServiceClient1Policy and the connection timeout
value for the HTTPServiceClient2Policy.
- Click HTTPServiceClient1Policy .
- From the Policies collection, click .
- From the HTTP transport policy configuration panel, change the HTTP connection
read and write timeout values to 500 seconds.
- Click and to save your changes to the master
configuration.
- Click HTTPServiceClient2Policy .
- From the Policies collection, click .
- From the HTTP transport policy configuration panel, change the HTTP connection
timeout value to 360 seconds.
- Click and to save your changes to the master
configuration.
- Attach the custom HTTP transport policy, HTTPServiceClient1Policy, to
your application, ServiceClient1. Similarly, attach the custom HTTP transport
policy, HTTPServiceClient2Policy, to ServiceClient2.
- Click ServiceClient1.
- From the Policy set attachments collection, select the service, ServiceClient1.
- Click and click
on HTTPServiceClient1Policy.
- Click to save your
changes to the master configuration.
- Click ServiceClient2.
- From the Policy set attachments collection, select the service, ServiceClient1.
- Click and click
on HTTPServiceClient2Policy.
- Click to save your
changes to the master configuration.
As a result, the ServiceClient1 application now has the HTTPServiceClient1Policy
attached and the HTTP sessions will use a read and write timeout value of
500 seconds. The ServiceClient2 application has the HTTPServiceClient2Policy
attached and the HTTP sessions will use a connection timeout value of 360
seconds. If desired, you can modify these custom bindings for each attached
custom based HTTP policy to meet your needs.