You can add one or more web services servers to your process
application. Each web services server describes the location of a
web service endpoint and can be referenced when defining an outbound
web service integration. This reference lets you share configuration
information between web service integrations that invoke the same
endpoint, eliminating the need to configure similar information multiple
times. In addition, if you need to change the information associated
with a particular endpoint, you can change the web services server
information and the updated information can be used by any web service
integration that references the web services server.
About this task
The web services server can be configured with policy
sets and bindings. Policy sets simplify the configuration of web services
by providing reusable configurations. A web services policy set defines
a set of configuration properties to be associated with a web service
integration or endpoint. A policy set follows the
WS-Policy
specification. One example of how policy sets can be used is
to configure WS-Security for your web service endpoint or outbound
web service integration. WS-Security provides SOAP message-layer security
using the following means:
- Security tokens: Security tokens contain authentication information
that flows with the message.
- Signature elements: Digital signature information for all or part
of the message verifies that the original request has not been modified.
- Encryption elements: Messages can be encrypted, either completely
or partially, so that only the intended recipient can read it.
You can add a web services server with basic security
or a policy set using the following steps. The policy set and bindings
must have already been configured by a system administrator.
Procedure
- Select the Servers tab from the Process
App Settings editor. You see the Process App
Settings editor when you first click Open in
Designer from a newly created process application in the Process Center.
Alternatively you can select Process App Settings from
the drop-down list on the toolbar in Process Designer.
- Beneath the Servers heading click Add.
Beneath the Server Details heading, enter a
meaningful name for the server. From the drop-down list in the Type field,
select Web Service. Enter a meaningful description
of the server in the Description field. This
field is optional.
- Beneath the Server Locations heading,
enter the following information.
- Environment Type: The environment of the
web service server. Enter the server location information (host name,
port, context path, whether it is a secure server, repository name,
user ID, and password) for each environment type. These environments
are described in the product
overview. If you do not provide values for these environments,
the values from the default environment type are used.
- Default: If you do not provide values for
the following environment types, default values are used.
- Development: The environment where you
develop your services.
- Test: The environment where you test your
services.
- Staging: The environment where you deploy
your services for pre-production testing.
- Production: The environment where your
services are deployed for use by your organization.
- WSDL URL: The URL of the web service. For
example: http://mycorporation.com/webservice/financialstatements?wsdl.
You can enter a URL or use the following buttons to retrieve a URL.
- Browse launches the Registry Explorer.
- Select a registry type from the list and select a registry URL
or enter a new one.
- For protected services, click Is Protected and
enter a userid and password. Click Next.
- Enter the name of the web service and click Search
services. You can include wildcard characters in the name;
for a Universal Description Discovery and Integration (UDDI) registry
use the percent sign (%) and for a WebSphere Service Registry and
Repository (WSRR) registry use an asterisk (*).
- Select a web service, click Next to see
the detailed information and then click Finish.
If you use the Registry Explorer, the WSDL URL, Protected
WSDL, Username and Password fields
are populated automatically. If you enter the URL manually, you must
provide the other information about the WSDL file. You can use text
in the fields or text wrapped by <# ... #> control characters;
that is, as JavaScript code.
- View lets you view the WSDL source code
of a WSDL file.
- Discover lets you discover, that is, verify
that the URL is correct. The Discovery Status field
will show Successfully Discovered.
- Discovery Status: Confirms if you have
made a connection to the server and successfully read the WSDL file.
- Override Endpoint: If selected, lets you
override the WSDL URL field using the fields beneath the check box.
This selection can be useful if you use different endpoints for development
and testing, for example.
- Endpoint Address: The URL of the web service
you want to use. You can use the same format as the WSDL URL field
that you are overriding.
- Port: If there are multiple ports defined
in the WSDL file and there is a specific port for the web service
that you want to use, then enter the port name in this field.
You can enter text in these fields or text wrapped by <# ...
#> control characters; that is, as JavaScript code.
- Security and Policy: Determines the type
of security you will use.
- Use Basic Security: This selection means
either no security or security through a combination of user name
and password, digital signatures and encryption certificates.
- Authentication: Specifies the type of authentication.
Authentication ensures the parties in a transaction are who they claim
to be.
- None: No authentication required.
- HTTP Authentication: User name and password
are passed in a header element of a message.
- UsernameToken (password in plaintext):
The username token passes the user name and password. The password
is in text.
- UsernameToken (password in digest): The
username token passes the user name and password. The password is
in digest form, which means it is a hash value. A hash value for a
user name and password makes these values more difficult to detect.
- Username: The user name registered at the
server.
- Password: The password registered at the
server.
- Client certificate alias: The alias for
the client certificate; that is the alias name that identifies where
the client certificate is located.
- Sign request: Select if you require messages
from the client to be signed.
- Expect encrypted response: Select if the
client expects an encrypted response message.
- Server certificate alias: The alias for
the server certificate; that is the alias name that identifies where
the server certificate is located.
- Encrypt request: Select if you require
the request message to be encrypted.
- Expect signed response: Select if you want
to verify a signed response message from the server.
- Use Policy Set: This selection means that
a policy set will be used to define the configuration and security
requirements for the web service.
- Policy Set: Specifies the name of the application
policy set. Click Select to choose the policy
set. The list you will see depends on the policies available on the
server. Some default application policy sets include: WSHTTPS default,
WSAddressing default, and Username WSSecurity default. You can also
create additional application policy sets in the WebSphere Application
Server Administrative Console. Deselecting a policy set also removes
the policy binding.
- Policy Binding: Specifies the name of the
general client policy set binding, which contains system-specific
configuration parameters like username and password information. Click Select to
choose the policy binding. The list you will see depends on the policy
set bindings available on the server. Default policy set bindings
include: Client sample and Client sample V2. You can also create additional
policy set bindings in the WebSphere Application Server Administrative
Console. Deselecting removes the policy binding.
- Save your work. From the menu, select .