X hits on this document

307 views

0 shares

7 downloads

0 comments

6 / 19

WCF WS http bindings WCF Client

3. Set up SecureConv if needed (Kerberos->SCT)

DataPower Device

Web Service In DMZ

  • 4.

    Request secured by #2 or #3

  • 6.

    Response secured by #2 or #3

wsp-sp-1-2-ws2007HttpBinding WS-SecurityPolicy Enabled

WS-Proxy wsp-sp-1-1-wsHttpBinding

5.Req/Resp msg

1. Authentication

Cancel the SecureConv when all requests are done

2. Kerberos Token

decrypt

AAA WS-Security

signEnabled Actions verify

encrypt

Windows Server®

6

DataPower WCF integration

© 2010 IBM Corporation

In this diagram, the Windows server acts as the KDC and the server principal name of the DP box should be created in that KDC and the keytab should be copied on to DataPower, so that DataPower can decrypt/verify the Kerberos tokens sent by the client. The secure conversation mentioned in step 3 is optional and can be enabled/disabled at the WCF client’s configuration. (set EstablishSecurityContext = false in the client’s app.config to disable secure conversation)

380DataPowerWCFIntegration.ppt

Page 6 of 19

Document info
Document views307
Page views446
Page last viewedSat Dec 03 07:37:30 UTC 2016
Pages19
Paragraphs430
Words3061

Comments