282 Security in WebSphere Application Server Version 6.1 and J2EE 1.4 on z/OS
8.5 Confidentiality and basic authentication
To configure basic authentication over SSL, combine the steps in
8.1, “Authentication with HTTP” on page 246 and 8.3, “Confidentiality
with SSL” on page 268. The steps are listed in order below:
1. “Configuring the z/OS Web service provider with authentication” on page 247
2. “Configuring the Web service requestor to authenticate” on page 249
3. “Configuring the z/OS Web service provider SSL configuration” on page 255
4. “Configuring the Web service requestor SSL configuration” on page 261
5. “Configuring the z/OS Web service provider for confidentiality” on page 269
6. “Configuring the Web service requestor for confidentiality” on page 269
8.6 Confidentiality and client certificate authentication
Client certificate authentication occurs during an SSL handshake when the
server sends a certificate request after sending its own certificate. The client
provides its certificate with a public key to the server. During the certificate verify
step, the client sends a certificate verify message in which it encrypts a known
piece of plain text using its private key. The server uses the client certificate to
decrypt the message, thereby confirming that the client has the private
key. “SSL Flow” on page 95 illustrates where the steps for client certificate
authentication occur during an SSL handshake.
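The certificate verify step described above, modeled in Python as an added example (not code from the original text or from WebSphere). It uses a toy RSA key without padding; the transcript layout and the function names are assumptions made for illustration. It shows that presenting the certificate alone, or replaying an earlier certificate verify value, does not pass the server's check.

```python
import hashlib
import secrets

# Toy RSA key for illustration only (two Mersenne primes). Real certificates
# use 2048-bit or larger keys and padded signatures.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # client's private exponent, never sent


def digest(transcript: bytes) -> int:
    """Hash of the handshake messages so far, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(transcript).digest(), "big") % N


def client_certificate_verify(transcript: bytes, private_exp: int) -> int:
    """Client side: transform the transcript hash with the private key."""
    return pow(digest(transcript), private_exp, N)


def server_check(transcript: bytes, signature: int, cert_public_key: tuple) -> bool:
    """Server side: reverse the transform with the public key from the certificate."""
    e, n = cert_public_key
    return pow(signature, e, n) == digest(transcript)


def handshake(private_exp: int, replayed_signature=None):
    """Run one simplified handshake (assumed layout); returns (accepted, signature)."""
    client_cert = (E, N)                     # public key carried in the certificate
    server_random = secrets.token_bytes(32)  # fresh for every handshake
    transcript = b"ClientHello|ServerHello|" + server_random + b"|CertificateRequest"
    if replayed_signature is None:
        signature = client_certificate_verify(transcript, private_exp)
    else:
        signature = replayed_signature
    return server_check(transcript, signature, client_cert), signature


if __name__ == "__main__":
    ok, sig = handshake(D)
    print("holder of the private key accepted:", ok)
    print("certificate presented with a wrong key accepted:", handshake(D + 2)[0])
    print("replayed earlier signature accepted:", handshake(D, replayed_signature=sig)[0])
```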
Note: It is also possible to invoke the Web service provider’s URL from a Web
Depending on your browser settings, you may be prompted with a security
alert. If so, click View Certificate to see who the certificate was issued by and
issued to. The certificate should match what you have defined for the
WebSphere control region user ID’s keyring. The output on the Web page
should show:
Hi there, this is a Web service!

