Setting HTTP Security

www.altova.com Print this Topic Previous Page Up One Level Next page

Home >  Calling Web Services >

Setting HTTP Security

The HTTP security settings must be configured in the following cases:

 

You are calling a Web service through HTTPS and the Web service requires a client certificate
The service uses an incorrect server certificate
The Web service requires HTTP authentication.

 

 

To set HTTP security:

1.Open the Web Service Call Settings dialog box (see Web Service Call Settings).
2.Click the Edit button next to HTTP Security Settings.

mf_ws_09

HTTP Security Settings dialog box

The "HTTPS (TLS)" group of options applies for Web services called through HTTPS.

 

Check Server Certificate

This check box is selected by default, meaning the MapForce is configured to check the certificate of the server before proceeding with the request. When this option is enabled, the Web service request (and the mapping) will fail if the server is not trusted, or if your operating system is not configured to trust the Web server.

 

It is not recommended to switch this option off unless you have a good reason to do so.

 

See also Digital Certificate Management.

Allow host name mismatch between certificate and request

Sometimes a server certificate issued for a particular host name (for example, www.example.com) is installed on a different host name (for example, example.com).

 

Select this check box to proceed with authentication even if the host name of the certificate does not match the host name called by the Web service.

Client certificate

Click Select to choose a client certificate from the Current User\Personal certificate store. This assumes the client certificate already exists in the Current User\Personal certificate store; otherwise, you can import it using the Certificates snap-in (see Accessing the Certificate Stores on Windows).

 

If the mapping will be deployed for execution to another operating system, the same certificate must be installed on the target operating system as well. For further information, see Digital Certificate Management.

 

The "HTTP Authentication" group of options applies if the Web service requires HTTP authentication.

 

Username

Specifies the username required to access the Web service.

Password

Specifies the password required to access the Web service.

Dynamic authentication

Select this check box if you would like to supply the username and password from the mapping instead of entering them into this dialog box.

Preemptive authentication

Select this check box if the Web service is configured to expect authentication data in the first call.

 

Otherwise, MapForce attempts access without username and password and will use them if the server requires authorization (HTTP status 401).


© 2019 Altova GmbH