Introducing the all-new TIBCO Community site!

For current users, please click "Sign In" to reset your password and access the enhanced features. If you're a first-time visitor, we extend a warm welcome—click "Sign Up" to become a part of the TIBCO Community!

If you're seeking alternative community sites, explore ibi, Jaspersoft, and Spotfire.

Jump to content
  • BW6.X - BWCE - Security - How to switch between HTTP and HTTPS using a property in BusinessWorks and BusinessWorks Container Edition


    It is quiet common to use different connection configurations in runtime environments, like for example to use a simple HTTP connection in a test environment and an HTTPS connection in the production environment.

    BusinessWorks already had the capability to manage different connection resources in an application and to switch between resources at runtime as explained in this previous article:

    https://community.tibco.com/articles/tibco-activematrix-businessworks/bw6x-bwce-how-to-select-a-connection-configuration-at-runtime-in-businessworks-6x-and-businessworks-container-edition-r3377/

    Meanwhile things have been made more simple since BusinessWorks 6.8.0 that introduced the capability to enable or disable HTTPS using a property in the HTTP Connector and HTTP Client resources.

    Enabling or disabling HTTPS in an HTTP Connector resource

    Since BusinessWorks 6.8.0 it is possible to set the value of the ‘Confidentiality’ configuration option using a property of type Boolean.

    This can be set-up with the following :

    . Create a property of type Boolean with a default value of ‘true’

    . Configure the HTTP Connector resource with an SSL Server resource to use HTTPS

    . Configure the KeyStore resource used by the SSL Server resource

    In such configuration HTTPS will be enabled at runtime when the property value will be set to true, otherwise it will be disabled and it will be possible to access the corresponding REST API or WEB Service using plain HTTP.

    1*CGJm0C7-yvJQKLAtN5r55w.png

    Things to know :

    . In Studio if you set the value of the property to false and configure again the Confidentiality configuration option to use the property, the SSL Server Configuration previously selected is reset (it is then recommended to not update the Confidentiality configuration option)
    . In the debugger or in a runtime environment the output of the ‘lendpoints’ command is always showing the end point to be exposed in HTTPS event if the property is set to false.

    1*eAmEJknUI4TF0lOvaZgh0g.png

    Enabling or disabling HTTPS in an HTTP Client resource

    Since BusinessWorks 6.8.0 it is possible to set the value of the ‘Confidentiality’ configuration option using a property of type Boolean.

    This can be set-up with the following :

    . Create a property of type Boolean with a default value of ‘true’

    . Configure the HTTP Client resource with an SSL Server resource to use HTTPS

    . Configure the KeyStore resource used by the SSL Server resource

    The configuration option will be managed at runtime only of the following property value is set to true in the runtime environment :

    bw.plugin.http.client.relyOnConfidentialityField=true

    1*2JcC0W2a5FTmsoYU3dzDVg.png

    Things to know :

    . In Studio if you set the value of the property to false and configure again the Confidentiality configuration option to use the property, the SSL Server Configuration previously selected is reset (it is then recommended to not update the Confidentiality configuration option)
    . To disable HTTPS it is also needed to unselect the ‘Default Confidentiality’ option


    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...