Integration with IBM WebSphere DataPower as a security gateway and reverse proxy
Protect your mobile-application traffic by using IBM® WebSphere® DataPower® as a reverse proxy and security gateway in the DMZ between client applications and MobileFirst Server.
Protecting mobile-application traffic that enter your network from customer and employee devices involves preventing data from being altered, authenticating users, and allowing only authorized users to access applications. You can use the DataPower security-gateway features of to protect mobile-application traffic that is initiated by client MobileFirst applications.
Enterprise topologies are designed to include different protection zones so that specific processes can be secured and optimized. You can use DataPower in different ways in the DMZ (a firewall configuration for securing local area networks) and in other zones within your network to protect enterprise resources. When you start to build MobileFirst applications to be delivered to the devices of your customers and employees, you can apply these methods to protect the mobile-application traffic.
You can use DataPower as a front-end reverse proxy and security gateway. DataPower uses a multiprotocol gateway (MPGW) service to proxy and secure access to MobileFirst mobile applications. You can select the method that DataPower will use to authenticate the mobile client, such as HTTP basic authentication or HTML forms-based authentication. The following topics demonstrate how to implement this topology by using either HTTP basic authentication or HTML forms-based authentication. You can adjust the procedure, as needed, to use a different authentication method. For more information about configuring DataPower, see the WebSphere DataPower documentation.
- Install and configure a MobileFirst environment, and test the installation with a simple application without DataPower acting as the reverse proxy.
- Test your application logic and verify that it works.
- Configure your MobileFirst project to work with your preferred reverse-proxy DataPower gateway configuration.
- Configure a multi-protocol gateway on your DataPower appliance to use DataPower as a proxy for your MobileFirst mobile application or MobileFirst Operations Console. As part of the configuration select your preferred authentication method for the DataPower AAA (authentication, authorization, audit) policy.
- Run your application and attempt to access a protected resource to test the implementation.