Difference between revisions of "I2Rest secured gate"
Pavel.lobko (talk | contribs) (Created page with "{{DISPLAYTITLE:Parameters for starting secured i2Rest server instance}} <<Anchor(SSL)>> == SSL parameters == i2Rest can serve client requests using protected HTTPs connectio...") |
Pavel.lobko (talk | contribs) |
||
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:Parameters for starting secured i2Rest server instance}} | {{DISPLAYTITLE:Parameters for starting secured i2Rest server instance}} | ||
| − | |||
| − | |||
== SSL parameters == | == SSL parameters == | ||
| − | i2Rest can serve client requests using protected HTTPs connection. i2Rest is using standard Global Security Kit (GSKit) APIs in order to protect client connections. All parameters of protection are defined in [[Create Server Application|Server Application]]. In order to use HTTPs protocol, it is necessary to set up the following parameters in server configuration: | + | i2Rest can serve client requests using protected HTTPs connection. i2Rest is using standard Global Security Kit (GSKit) APIs in order to protect client connections. All parameters of protection are defined in [[Create Server Application|Server Application]]. <br> In order to use HTTPs protocol, it is necessary to set up the following parameters in server configuration: |
| − | |||
| − | |||
| + | 1. Set up HTTPs protocol in "gates" section and define server application name in dcm_server_id: | ||
"gates": | "gates": | ||
{ | { | ||
| Line 17: | Line 14: | ||
(here https protocol will be used only for connections with [[i2Rest Gates#main_gate|Main gate]], and all SSL settings will be defined by DCM server application MYSERVER) | (here https protocol will be used only for connections with [[i2Rest Gates#main_gate|Main gate]], and all SSL settings will be defined by DCM server application MYSERVER) | ||
| − | 2. When sessions are obliged to use secured connections with session gate, it is required to define -dcm_client_id parameter in "submit" command: | + | 2. When sessions are obliged to use secured connections with session gate, it is required to define -dcm_client_id parameter in "submit" command: |
| − | + | "session_systems": | |
| − | "session_systems": | + | [ |
| − | [ | + | { |
| − | + | "name" : "*LOCAL", | |
| − | + | "submit" : "SBMJOB USER(${user}) CMD(CALL I2REST/I2REST PARM('-session' '-url' '${surl}' '-dcm_client_id' 'MYCLIENT' '-uid' '${uid}' '-user' '${user}' '-init'))" | |
| − | + | } | |
| − | + | ] | |
| − | ] | ||
| − | |||
Latest revision as of 12:36, 14 April 2020
SSL parameters
i2Rest can serve client requests using protected HTTPs connection. i2Rest is using standard Global Security Kit (GSKit) APIs in order to protect client connections. All parameters of protection are defined in Server Application.
In order to use HTTPs protocol, it is necessary to set up the following parameters in server configuration:
1. Set up HTTPs protocol in "gates" section and define server application name in dcm_server_id:
"gates":
{
"main" : {"url":"https://192.168.0.233:22088", "dcm_server_id":"MYSERVER", ...},
"manager" : {"url":"http://192.168.0.233:8080", ...},
"session" : {"url":"file:///tmp/session_gate", ...}
}
(here https protocol will be used only for connections with Main gate, and all SSL settings will be defined by DCM server application MYSERVER)
2. When sessions are obliged to use secured connections with session gate, it is required to define -dcm_client_id parameter in "submit" command:
"session_systems":
[
{
"name" : "*LOCAL",
"submit" : "SBMJOB USER(${user}) CMD(CALL I2REST/I2REST PARM('-session' '-url' '${surl}' '-dcm_client_id' 'MYCLIENT' '-uid' '${uid}' '-user' '${user}' '-init'))"
}
]
