Difference between revisions of "I2Rest secured gate"
Pavel.lobko (talk | contribs) (Created page with "{{DISPLAYTITLE:Parameters for starting secured i2Rest server instance}} <<Anchor(SSL)>> == SSL parameters == i2Rest can serve client requests using protected HTTPs connectio...") |
Pavel.lobko (talk | contribs) |
||
| Line 6: | Line 6: | ||
i2Rest can serve client requests using protected HTTPs connection. i2Rest is using standard Global Security Kit (GSKit) APIs in order to protect client connections. All parameters of protection are defined in [[Create Server Application|Server Application]]. In order to use HTTPs protocol, it is necessary to set up the following parameters in server configuration: | i2Rest can serve client requests using protected HTTPs connection. i2Rest is using standard Global Security Kit (GSKit) APIs in order to protect client connections. All parameters of protection are defined in [[Create Server Application|Server Application]]. In order to use HTTPs protocol, it is necessary to set up the following parameters in server configuration: | ||
| − | 1. Set up HTTPs protocol in "gates" section and define server application name in dcm_server_id: | + | 1. Set up HTTPs protocol in "gates" section and define server application name in dcm_server_id: |
| − | |||
"gates": | "gates": | ||
{ | { | ||
| Line 18: | Line 17: | ||
2. When sessions are obliged to use secured connections with session gate, it is required to define -dcm_client_id parameter in "submit" command:<<BR>> | 2. When sessions are obliged to use secured connections with session gate, it is required to define -dcm_client_id parameter in "submit" command:<<BR>> | ||
| − | + | "session_systems": | |
| − | "session_systems": | + | [ |
| − | [ | + | { |
| − | + | "name" : "*LOCAL", | |
| − | + | "submit" : "SBMJOB USER(${user}) CMD(CALL I2REST/I2REST PARM('-session' '-url' '${surl}' '-dcm_client_id' 'MYCLIENT' '-uid' '${uid}' '-user' '${user}' '-init'))" | |
| − | + | } | |
| − | + | ] | |
| − | ] | ||
| − | |||
Revision as of 12:15, 14 April 2020
<<Anchor(SSL)>>
SSL parameters
i2Rest can serve client requests using protected HTTPs connection. i2Rest is using standard Global Security Kit (GSKit) APIs in order to protect client connections. All parameters of protection are defined in Server Application. In order to use HTTPs protocol, it is necessary to set up the following parameters in server configuration:
1. Set up HTTPs protocol in "gates" section and define server application name in dcm_server_id:
"gates":
{
"main" : {"url":"https://192.168.0.233:22088", "dcm_server_id":"MYSERVER", ...},
"manager" : {"url":"http://192.168.0.233:8080", ...},
"session" : {"url":"file:///tmp/session_gate", ...}
}
(here https protocol will be used only for connections with Main gate, and all SSL settings will be defined by DCM server application MYSERVER)
2. When sessions are obliged to use secured connections with session gate, it is required to define -dcm_client_id parameter in "submit" command:<
>
"session_systems":
[
{
"name" : "*LOCAL",
"submit" : "SBMJOB USER(${user}) CMD(CALL I2REST/I2REST PARM('-session' '-url' '${surl}' '-dcm_client_id' 'MYCLIENT' '-uid' '${uid}' '-user' '${user}' '-init'))"
}
]
