Re-enabling HTTP access in Business Automation Workflow temporarily

IBM® Business Automation Workflow doesn't support HTTP by default. It is not recommended that you switch to HTTP because it makes Business Automation Workflow less secure. However, if you are upgrading from IBM BPM V8.5 and can't immediately modify your connections to use secure HTTPS, you can re-enable HTTP access in Business Automation Workflow temporarily.

About this task

Your environment reverts to the state of IBM Business Process Manager V8.5.7 CF2016.12 and earlier versions of IBM BPM V8.5 after completing these steps.

Procedure

Follow these steps assuming the name of your deployment environment is De1:

  1. Shut down all the servers.
  2. Go to the <install_root>/bin directory, and run wsadmin -conntype none -lang jython -profileName dmgrProfile. For Business Automation Workflow Express, use the stand-alone server's profile.
  3. If secure connections are used, Business Automation Workflow marks the cookies as secure by default. However, if you re-enabled non-secure http:// access to Business Automation Workflow, you may have disabled the Secure flag for Business Automation Workflow cookies by setting the deployment-level custom property ProcessServer.MarkCookiesSecureOnSecureConnections to false. When reverting to secure HTTPS, you should re-enable the Secure flag and set the property back to true.
    To set the property to true, you can use the following command (which assumes that your deployment environment is named De1): 
    AdminTask.setBPMProperty(['-de', 'De1', '-name', 'ProcessServer.MarkCookiesSecureOnSecureConnections', '-value', 'true])"
  4. Enter the following commands on the wsadmin prompt (where De1 is the name of your Business Automation Workflow deployment environment): 
    wsadmin> print AdminTask.configureBPMTransportSecurity( [ '-de', 'De1', '-apps', '201612', '-transportSecurity', 'allowhttp'] )
wsadmin> print AdminTask.configureBPMTransportSecurity( [ '-de', 'De1', '-apps', 'productREST', '-transportSecurity', 'allowhttp'] )
wsadmin> AdminTask.configureSingleSignon('-requiresSSL false')
wsadmin> for server in AdminUtilities.convertToList(AdminTask.listServers('-serverType APPLICATION_SERVER')):
 
    wsadmin> for cookie in AdminUtilities.convertToList(AdminConfig.list('Cookie', server)):
    Note: This line must be indented one space.
    wsadmin> AdminConfig.modify(cookie, [['secure','false']])
    Note: This line must be indented two spaces.
    wsadmin>
    Note: This line is a required empty line to end the loop. Just press Enter.
    wsadmin> AdminConfig.save()
wsadmin> exit
  5. Restart all the servers.

What to do next

Don't leave HTTP enabled permanently. After you change all your server communications to use HTTPS, follow the instructions in Reverting to secure HTTPS .