Configuring the HTTP transport policy

When working with policy sets in the administrative console, you can customize policies to ensure message security. You can customize the Hypertext Transfer Protocol (HTTP) transport policy configuration or use the policy as it is provided with the default settings.

Before you begin

You can configure some settings for default policies for custom policy sets. The provided default policy sets cannot be edited. To customize a policy set, you must create a copy of the default policy set or create a new policy set and specify the policies for the custom policy set.

About this task

You can configure HTTP transport with the HTTP transport policy. HTTP is an application-level protocol for distributed, collaborative, hypermedia information systems. It is a generic, stateless, protocol that can be used for many tasks beyond its use for hypertext, such as name servers and distributed object management systems, through extension of request methods, error codes and headers. A feature of HTTP is the typing and negotiation of data representation, allowing systems to be built independently of the data being transferred. HTTP features and HTTP connections properties are applied to outbound messages for both the service client and service provider.

You can only configure a policy through a policy set. Therefore, before you can configure the HTTP transport policy, a policy set must exist that contains the HTTP transport policy. The provided default WSHTTPS policy set is read only and it cannot be edited. To customize a policy set that contains the HTTP transport policy, you must first create a copy of the WSHTTPS default policy set or create a new policy set and add the HTTP transport policy to the new policy set.

Avoid trouble: The WSHTTPS default policy set contains the HTTP transport policy, the SSL transport policy and WS-Addressing policy. If you do not require the SSL transport policy or the WS-Addressing policy, you can customize your copy of the WSHTTPS default policy set to delete the policies that you do not require.

After you have created a copy of the WSHTTPS default policy set or created a new policy set with the HTTP transport policy added, you can customize the HTTP transport policy. Use the HTTP transport policy settings panel to customize the values of the HTTP transport policy properties such as read or write timeout values. Your customized values for the HTTP transport policy now apply for your policy set that contains that custom HTTP transport policy. You can attach this policy set containing your customized HTTP transport policy to your Java API for XML-Based Web Services (JAX-WS) application, its services, endpoints, or operations. This change affects all JAX-WS applications to which that policy set is attached. To learn more about attaching policy sets to applications, see the documentation for managing policy sets for service providers and service clients at the application level.

For example, if you have multiple policy sets, mypolicyset1 and mypolicyset2, containing the HTTP transport policy, you can customize the HTTP transport policy for each policy set to reflect different properties, such as timeout values. Now, you can attach these customized policy sets to one or more applications and these applications will use the HTTP property values associated with the HTTP transport policy that is contained within the attached policy set.

Procedure

  1. Create a policy set that contains the HTTP transport policy.
    1. Create a custom policy set.

      From the administrative console, click Services > Policy Sets > Application policy sets. From this panel you can create a new policy set, copy an existing default policy set such as WSHTTPS, import a copy of a policy set from the default repository or you can import an existing policy set from your specified location.

    2. Add the HTTP transport policy to the policy set.
      From the administrative console, click Services > Policy Sets > Application policy sets > policy_set_name. In the policy collection, click HTTP transport. The HTTP transport window displays options for configuring the HTTP settings for the transport policy.
    3. In the Protocol Version drop down list, click the HTTP version to use.
      HTTP 1.1 is the default setting but HTTP 1.0 is also available. Selecting HTTP 1.1 enables more of the function on the rest of the HTTP transport window as some of the options are not available for HTTP version 1.0.
    4. Complete the HTTP Features section.
      The following check boxes determine which HTTP features are enabled for this transport:
      Session Enabled
      Whether the HTTP session is enabled when a message is sent.
      Enable chunked transfer encoding
      Whether chunked transfer encoding is enabled when a message is sent. This option is only available if HTTP 1.1 is selected in the Protocol version field (it is greyed out and disabled if HTTP 1.0 is selected).
      Send expect "100-request" header
      Displays whether the expect "100-request" header is enabled when a message is sent. This option is only available if HTTP 1.1 is selected in the Protocol version field (it is greyed out and disabled if HTTP 1.0 is selected).
      Accept URL redirection automatically
      Displays whether the URL is automatically redirected when a message is sent.
      Compress request content
      Displays whether the request content is compressed when a message is sent.
      Compress response content
      Displays whether the response content is compressed when a message is sent.
    5. Complete the HTTP Connections section.
      The following fields determine how HTTP connections are configured for this transport:
      Read timeout
      Displays the length of time, in seconds, for the read to time out when a message is sent.
      Write timeout
      Displays the length of time, in seconds, for the write to time out when a message is sent.
      Connection timeout
      Displays the length of time, in seconds, for the connection to time out when a message is sent.
      Use persistent connection
      Displays whether a persistent connection is to be used when a message is sent. This option is only available if HTTP 1.1 is selected in the Protocol version field.
      Resend enabled
      Displays whether or not a message can be resent. Click this check box to enable a message to be sent again.
  2. Customize the HTTP transport provider bindings.
    1. Navigate to the HTTP transport provider bindings.
      From the administrative console, click Services > Policy Sets > General provider policy set bindings > provider_policy_set_binding_name > HTTP transport.

      The HTTP transport (bindings) window displays options for configuring the HTTP transport bindings.

    2. Specify the properties for the Proxy for outbound asynchronous service responses.

      The following fields determine proxy specifications for outbound asynchronous service responses:

      Host
      Displays the host name for the outbound asynchronous service responses proxy.
      Port
      Displays the port number for the outbound asynchronous service responses proxy. You can enter or edit the port number.
      User name
      Displays the user name for the outbound asynchronous service responses proxy.
      Password
      Displays a placeholder for the password for the outbound asynchronous service responses proxy. You can enter or edit the password. The actual password is masked.
      Confirm password
      Displays a placeholder for the password for the outbound asynchronous service responses proxy that must match the one in the Password field. The actual password is masked.
    3. Specify the properties for the Basic authentication for outbound asynchronous responses.

      The following fields determine authentication specifications for outbound asynchronous responses:

      User name
      Displays the user name for basic authentication of outbound asynchronous responses.
      Password
      Displays a placeholder for the password for basic authentication of outbound asynchronous responses. The actual password is masked.
      Confirm password
      Displays a placeholder for the password for basic authentication of outbound asynchronous responses that must match the one in the Password field. The actual password is masked.
  3. Customize the HTTP transport client bindings.
    1. Navigate to the HTTP transport client bindings.
      From the administrative console, click Services > Policy Sets > General client policy set bindings > provider_policy_set_binding_name > HTTP transport.

      The HTTP transport (bindings) window displays options for configuring the HTTP transport bindings.

    2. Specify the properties for the Proxy for outbound service requests.
      The following fields determine proxy specifications for outbound service requests:
      Host
      Displays the host name for the outbound service request proxy.
      Port
      Displays the port number for the outbound service request proxy.
      User name
      Displays the user name for the outbound service request proxy.
      Password
      Displays a placeholder for the password for the outbound service request proxy. The actual password is masked.
      Confirm password
      Displays a placeholder for the password for the outbound service request proxy that must match the one in the Password field. The actual password is masked.
    3. Specify the properties for Basic authentication for outbound service requests.
      The following fields determine authentication specifications for outbound service requests:
      User name
      Displays the user name for basic authentication of outbound service requests.
      Password
      Displays a placeholder for the password for basic authentication of outbound service requests. The actual password is masked.
      Confirm password
      Displays a placeholder for the password for basic authentication of outbound service requests that must match the one in the Password field. The actual password is masked.

Results

After you have customized the HTTP transport policy, the associated policy set uses this policy to protect message transmission.

Example

You can attach policy sets to an application, its services, endpoints, or operations. In this example scenario, suppose you have two different JAX-WS service clients for your application, but you want to use different HTTP transport property values for each service client. Specifically, you want to configure a different read or write timeout value for each service client. To modify the HTTP timeout values, you can edit the values of the HTTP transport policy that is contained within the policy set that is attached to your application or in this case, your service client. This change affects all applications to which the policy set containing the custom HTTP transport policy is attached.

This example describes the steps for configuring different read, write, and connection timeout values for service clients deployed in the same application server. This example makes the following assumptions:
  • There are two JAX-WS service clients, ServiceClient1 and ServiceClient2, that are deployed in the application server.
  • The HTTP transport policy has not been previously attached to these applications.
  1. Create two new policy sets and add the HTTP transport policy to them. For example: HTTPServiceClient1Policy and HTTPServiceClient2Policy
    1. Click Services > Policy sets > Application policy sets > New .
    2. Enter the name of the new application policy set, HTTPServiceClient1Policy.
    3. From the Policies collection, click Add > HTTP transport.
    4. Click Apply and Save to save your changes to the master configuration.
    5. Repeat these steps to create the HTTPServiceClient2Policy.
  2. Customize the HTTP transport policy settings for the newly created HTTPServiceClient1Policy and HTTPServiceClient2Policy policy sets. For example, customize the read and write timeout values for the HTTP transport policy contained in the HTTPServiceClient1Policy policy set and the connection timeout value for the HTTP transport policy contained in the HTTPServiceClient2Policy policy set.
    1. Click Services > Policy sets > Application policy sets >HTTPServiceClient1Policy .
    2. From the Policies collection, click HTTP transport.
    3. From the HTTP transport policy configuration panel, change the HTTP connection read and write timeout values to 500 seconds.
    4. Click Apply and Save to save your changes to the master configuration.
    5. Click Services > Policy sets > Application policy sets >HTTPServiceClient2Policy .
    6. From the Policies collection, click HTTP transport.
    7. From the HTTP transport policy configuration panel, change the HTTP connection timeout value to 360 seconds.
    8. Click Apply and Save to save your changes to the master configuration.
  3. Attach the custom HTTP transport policy, HTTPServiceClient1Policy, to your application, ServiceClient1. Similarly, attach the custom HTTP transport policy, HTTPServiceClient2Policy, to ServiceClient2.
    1. Click Services > Service clients > ServiceClient1.
    2. From the Policy set attachments collection, select the service, ServiceClient1.
    3. Click Attach Client Policy Set and click on HTTPServiceClient1Policy.
    4. Click Save to save your changes to the master configuration.
    5. Click Services > Service clients > ServiceClient2.
    6. From the Policy set attachments collection, select the service, ServiceClient2.
    7. Click Attach Client Policy Set and click on HTTPServiceClient2Policy.
    8. Click Save to save your changes to the master configuration.

As a result, the ServiceClient1 application now has the HTTPServiceClient1Policy attached and the HTTP sessions will use a read and write timeout value of 500 seconds. The ServiceClient2 application has the HTTPServiceClient2Policy attached and the HTTP sessions will use a connection timeout value of 360 seconds.

What to do next

You can customize policies to ensure message security by configuring the SSL transport policy.