Secure Socket Layer (SSL) with Web Services
TIBCO MDM uses AXIS2 as a provider of web services. To serve the web service requests over https; AXIS2 needs to be configured to receive messages on HTTPS transport. Hence, the end point reference or URLs starting with https:// can be served. This requires configuring transportReceiver for https in axis2.xml.
The following section needs to be uncommented and configured in axis2.xml. This file is provided in $MQ_HOME/ECM.ear/EML.war/WEB-INF/conf directory.
<!-- the non blocking https transport based on HttpCore + SSL-NIO extensions <transportReceiver name="https" class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener"> <parameter name="port" locked="false">9002</parameter> <parameter name="non-blocking" locked="false">true</parameter> <parameter name="keystore" locked="false"> <KeyStore> <Location>identity.jks</Location> <Type>JKS</Type> <Password>password</Password> <KeyPassword>password</KeyPassword> </KeyStore> </parameter> <parameter name="truststore" locked="false"> <TrustStore> <Location>trust.jks</Location> <Type>JKS</Type> <Password>password</Password> </TrustStore> </parameter>--> <!--<parameter name="SSLVerifyClient">require</parameter> supports optional|require or defaults to none --> <!--</transportReceiver>-->
This does not support client certification authentication, that is, it is one way SSL.
The new web services such as Administrator, Data, Content, and Event Management web services require various types of authentication. The subsequent sections provide the detailed information on authentication for each of these web services.