HTTP Transport Configuration Page

The HTTP transport now supports both HTTP and HTTPS endpoints.

The Create/Edit a Proxy Service - HTTP Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Creating and Configuring Proxy Services and Editing Proxy Service Configurations.

Use this page to configure transport settings for a proxy service using the HTTP transport protocol. Table 17-7 describes how to use the page.

Table 17-7 Create/Edit a Proxy Service - HTTP Transport Configuration Page 
Option
To create or edit...
HTTPS required
Select this check box for inbound HTTPS endpoints.
To learn more, see Configuring Transport-Level Security in the AquaLogic Service Bus Security Guide.
Authentication
Select one of the following:
  • None - Specifies that authentication is not required.
  • Basic - Specifies that basic authentication is required to access this service.
  • Basic authentication instructs WebLogic Server to authenticate the client using a user name and password against the authentication providers configured in the security realm, such as a Lightweight Directory Access Protocol (LDAP) directory service and Windows Active Directory. The client must send its user name and password on the HTTP request header.

    Basic authentication is strongly discouraged over HTTP because the password is sent in clear text. However, it is safe to send passwords over HTTPS because HTTPS provides an encrypted channel.

    Warning: By default, all users (authorized and anonymous) can access a proxy service. To limit the users who can access a proxy service, create a transport-level authorization policy. See Editing Transport-Level Access Policies.

  • Client Certificate - Specifies encrypted communication and strong client authentication (two-way SSL). To learn more, see Configuring Transport-Level Security in the AquaLogic Service Bus Security Guide.
  • Custom Authentication - Specifies that an authentication token is contained in an HTTP header. The client's identity is established through the use of this client-supplied token. You must configure an Identity Assertion provider that maps the token to an ALSB user.
  • The custom authentication token can be of any active token type supported by a configured WebLogic Server Identity Assertion provider.

Dispatch Policy
Select a dispatch policy for this endpoint. Leave blank to use the default dispatch policy.
Dispatch policy refers to the instance of WLS Work Manager that you want to use for the service endpoint. For information about Work Managers, see Using Work Managers to Optimize Scheduled Work and Create Work Manager in the WebLogic Server Administration Console Online Help.
Request Encoding
  • For HTTP inbound transports:
  • If the character set encoding parameter of the Content-Type header is not specified in Client Request, enter a character set encoding parameter. If you do not enter a value, the field defaults to ISO-8859-1.

  • For HTTP outbound transports:
  • If you have not configured a request encoding, the ALSB run time decides the most appropriate encoding while it makes a request to the business service. In the case of a non-passthrough scenario, the default character encoding is UTF-8 at run time. However if it is a passthrough scenario, the run time will pass through the encoding received with the outbound response.

Response Encoding
Accept the default ISO-8859-1 as the character set encoding for responses in HTTP transports, or enter a different character set encoding.
Advanced Settings
Authentication Header
Enter the HTTP header (any except Authorization) from which ALSB is to extract the token. This field is available only if you selected the Custom Authentication check box.
For example, client-xyz-token.
Authentication Token Type
Select an authentication token type. Only the active token types configured for an Identity Assertion provider are available. (See Configuring Identity Assertion Providers for Custom Tokens for more information.) This field is available only if you selected the Custom Authentication check box.

After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service - Summary page.