Configuring access for HTTP and HTTPS

By default, the Jazz™ for Service Management application server requires HTTPS (Hypertext Transfer Protocol Secure) access. If you want some users to be able to log in and use the console with no encryption of transferred data, including user ID and password, configure the environment to support both HTTP and HTTPS modes.

Before you begin

After installing Dashboard Application Services Hub and before beginning this procedure, log in to the console to ensure that it has connectivity and can start successfully.

About this task

Configuring for HTTP and HTTPS console access involves editing the web.xml file of Web components. Use this procedure to identify and edit the appropriate Web XML files.

Procedure

Change to the following directory: JazzSM_WAS_Profile/config/cells/JazzSMNode01Cell/applications.
From this location, locate the web.xml files in the following directories:
- For the Integrated Solutions Console web application archive: isc.ear/deployments/isc/isclite.war/WEB-INF
- For the Charts web application archive: isc.ear/deployments/isc/tip.charts.war/WEB-INF
- For the Dashboard Application Services Hub Change Password web application archive: isc.ear/deployments/isc/TIPChangePasswd.war/WEB-INF
Open one of the web.xml files using a text editor.
Find the <transport-guarantee> element. The initial value of all <transport-guarantee> elements is CONFIDENTIAL, meaning that secure access is always required.
Change the setting to NONE to enable both HTTP and HTTPS requests. The element now reads: <transport-guarantee>NONE</transport-guarantee>.
Note: Ensure that every instance of <transport-guarantee> is set to a value of NONE.
Save the file, and then repeat these steps for the other web.xml deployment files.
Stop and restart the server.

Example

The following example is a section of the web.xml file for TIPChangePasswd where the transport-guarantee parameter is set to NONE:

	<security-constraint>
		<display-name>
		ChangePasswdControllerServletConstraint</display-name>
		<web-resource-collection>
			<web-resource-name>ChangePasswdControllerServlet</web-resource-name>
			<url-pattern>/*</url-pattern>
		</web-resource-collection>
		<auth-constraint>
	    	<description>Roles</description>
			<role-name>administrator</role-name>
            <role-name>operator</role-name>
            <role-name>configurator</role-name>
            <role-name>monitor</role-name>
            <role-name>iscadmins</role-name>
		</auth-constraint>
		<user-data-constraint>
			<transport-guarantee>NONE</transport-guarantee>
		</user-data-constraint>
	</security-constraint>

What to do next

Users must now specify a different port, depending on the mode of access. The default port numbers are as follows:

http://<host_name>:16310/ibm/console: Use the HTTP port for logging in to the Dashboard Application Services Hub on the HTTP port .

https://<host_name>:16311/ibm/console: Use the HTTPS secure port for logging in to the Dashboard Application Services Hub.

Note: If you want to use single sign-on (SSO) then you must use the fully qualified domain name of the Dashboard Application Services Hub host.