IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2

Restricting HTTP connections

You can use the IBM® HTTP Server mod_rewrite module to restrict HTTP connections only to specific pages.

About this task

SOAP and web traffic between the IMS Server and IBM HTTP Server occur over a secure HTTPS connection. HTTP is used only for the initial distribution of trusted certificates to the end points. After all trusted certificates are distributed to the endpoints, you can block the HTTP port. You can then redirect other HTTP requests to a secure HTTPS connection.

Procedure

Log on to the WebSphere® Administrative Console.
Click Servers > Server Types > Web servers.
Choose the Web server.
In Additional Properties, click Configuration File.

Add the following lines to the web server configuration file.

If standard HTTP and HTTPS ports are used:

LoadModule rewrite_module modules/mod_rewrite.so
<VirtualHost *:80>
RewriteEngine on 
RewriteCond %{REQUEST_URI} !
^/ims/services/encentuate\.ims\.service\.DownloadService$
RewriteRule ^/(.*) https://server_name/$1 [L,R] </VirtualHost>

server_name: Replace server name with your server name.

If non-standard HTTP and HTTPS ports are used:

LoadModule rewrite_module modules/mod_rewrite.so
<VirtualHost *:port_number>
RewriteEngine on 
RewriteCond %{REQUEST_URI} !
^/ims/services/encentuate\.ims\.service\.DownloadService$
RewriteRule ^/(.*) https://server_name/$1 [L,R] </VirtualHost>

port_number Replace the port number with the custom HTTP or HTTPS port number.
server_name Replace the server name with your server name.

Click OK.

Feedback