HydraExpress provides security at the transport level through the HTTPS transport.
The HydraExpress Agent automatically handles messages sent on secure transports (HTTPS) through its HTTPS connector. The default port for receiving HTTPS requests is 8443.
The HTTPS connector is configured in the main Agent configuration file, rwagent.xml, located in your <installdir>\conf directory, shown below:
<rwsf:connector name="HTTPS (HTTP/1.1)"
    class="rwsf_transport_https35.createHttpsConnectorImp"
    handlerChain="http">
  <rwsf:property name="accepter-threads" value="2"/>
  <rwsf:property name="thread-pool-min" value="5"/>
  <rwsf:property name="thread-pool-max" value="10"/>
  <rwsf:property name="host" value="localhost"/>
  <rwsf:property name="port" value="8443"/>
  <rwsf:property name="request-backlog" value="5"/>
  <rwsf:property name="request-buffersize" value="4096"/>
  <rwsf:property name="request-timeout" value="30000"/>
  <rwsf:property name="ssl-quiet-shutdown" value="false"/>
  <rwsf:property name="ssl-certificate" value="${RWSF_CONF}/certs/localhost.crt"/>
  <rwsf:property name="ssl-private-key" value="${RWSF_CONF}/certs/localhost.key"/>
  <rwsf:property name="security-init-seed" value="123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890"/>
  <rwsf:property name="security-init-seed-type" value="string"/>
</rwsf:connector>
Table 6 lists the configurable properties.
Property name | Types | Description |
accepter-threads | int | Specifies the number of threads that should be spawned listening for new connections. Defaults to 1. |
thread-pool-min | int | The minimum number of threads to be created in the thread pool. Defaults to 5. |
thread-pool-max | int | The maximum number of threads to be created in the thread pool. Defaults to 10. |
port | string | Port name used to create a listener socket. Defaults to 8443. |
request-backlog | int | The number of pending connection requests allowed before the system starts refusing connections. The value specified in the default configuration files is 5. |
request-buffersize | long | Size of the buffer used to receive incoming messages. Smaller values may result in slower performance. Larger values may result in wasted space. The value specified in the default configuration files is 4096. If no value is specified, the default is no buffering. |
request-timeout | long | Timeout used when returning a request to the client. The value is specified in milliseconds. The value specified in the default configuration files is 30000. If not specified, the listener blocks indefinitely. |
ssl-quiet-shutdown | bool | During normal shutdown of an SSL connection, both sides will attempt to perform a final handshake indicating that each has agreed to close the connection. If one side closes the connection before the other can send its part of the handshake, this operation can fail with an exception or signal. This property disables this final handshake. The default value is false. |
ssl-certificate | string | This property indicates the file that contains the X.509 Certificate for the client. This property is mandatory if performing server authentication. This property cannot be changed until the transport disconnects. |
ssl-private-key | string | This property indicates the file that contains the Private Key for the client. This property is mandatory if performing server authentication. This property cannot be changed until the transport disconnects. |
security-init-seed | string | This is used as the seed for the random number generator. This value cannot be changed until the transport disconnects. |
security-init-seed-type | string | If this property is set to string, it indicates that the security-init-seed property contains a seed string. If set to filename, it indicates that the security-init-seed property contains the name of a file holding the seed. |
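An added example, not part of the HydraExpress documentation: a Python check that reads the HTTPS connector properties from Table 6 and flags settings left at the values shown in the sample configuration above. The rwsf:root wrapper element, the namespace URI, and the finding names are assumptions made for this example; the real rwagent.xml declares its own root element and namespace.

```python
import xml.etree.ElementTree as ET

# Constructed sample: this page's connector, trimmed, inside a hypothetical root
# element. The namespace URI is a placeholder; the real rwagent.xml declares its own.
SAMPLE = """<rwsf:root xmlns:rwsf="urn:placeholder:rwsf">
 <rwsf:connector name="HTTPS (HTTP/1.1)"
     class="rwsf_transport_https35.createHttpsConnectorImp" handlerChain="http">
  <rwsf:property name="port" value="8443"/>
  <rwsf:property name="ssl-certificate" value="${RWSF_CONF}/certs/localhost.crt"/>
  <rwsf:property name="ssl-private-key" value="${RWSF_CONF}/certs/localhost.key"/>
  <rwsf:property name="security-init-seed" value="%s"/>
  <rwsf:property name="security-init-seed-type" value="string"/>
 </rwsf:connector>
</rwsf:root>""" % ("1234567890" * 15)

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the "{namespace}" part ElementTree adds

def https_properties(xml_text):
    """Return {name: value} for the first connector whose class mentions https."""
    for el in ET.fromstring(xml_text).iter():
        if _local(el.tag) == "connector" and "https" in el.get("class", "").lower():
            return {p.get("name"): p.get("value", "")
                    for p in el if _local(p.tag) == "property"}
    return {}

def audit(props):
    """Return a list of finding codes (names chosen here) for one HTTPS connector."""
    findings = []
    for key in ("ssl-certificate", "ssl-private-key"):
        path = props.get(key, "")
        if not path:
            findings.append("missing:" + key)  # mandatory for server authentication
        elif path.replace("\\", "/").rsplit("/", 1)[-1].startswith("localhost."):
            findings.append("sample-file:" + key)  # file name from the sample config
    seed = props.get("security-init-seed", "")
    if props.get("security-init-seed-type") == "string":
        findings.append("seed-inline")  # seed readable by anyone who can read the file
        # A string found inside its own doubling before index len() is a repeated unit.
        if seed and (seed + seed).find(seed, 1) < len(seed):
            findings.append("seed-repeating")
    return findings

if __name__ == "__main__":
    for finding in audit(https_properties(SAMPLE)):
        print(finding)
```

A connector that sets security-init-seed-type to filename and points ssl-certificate and ssl-private-key at deployment-specific files produces no findings.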
To send a message using HTTPS from within HydraExpress, just change the location in the WSDL to use an HTTPS address and port. For example, change the following address:
<soap:address location="http://localhost:8090/DemoProject/DemoProjectService"/>
to use an HTTPS transport:
<soap:address location="https://localhost:8443/DemoProject/DemoProjectService"/>
©2004-2007 Copyright Quovadx, Inc. All Rights Reserved.
Quovadx and Rogue Wave are registered trademarks of Quovadx, Inc. in the United States and other countries. All other trademarks are the property of their respective owners.