Before you begin
You must create a REST API in the
IBM® Integration Toolkit, see
Creating a REST API.
About this task
You can authenticate HTTP clients that want to call a
REST API by enabling HTTP Basic Authentication. IBM Integration Bus supports several authentication
providers that can be used for this purpose, including Lightweight
Directory Access Protocol (LDAP), any WS-Trust V1.3 compliant Security
Token Service (STS), and Tivoli® Federated
Identity Manager.
Procedure
To enable HTTP Basic Authentication for a REST API by
using Lightweight Directory Access Protocol (LDAP), any WS-Trust V1.3
compliant Security Token Service (STS), or Tivoli Federated Identity Manager, complete
the following steps:
- Create a security profile that you can use for authentication,
see Creating a security profile for LDAP, Creating a security profile for WS-Trust V1.3 (TFIM V6.2) and Creating a security profile for TFIM V6.1.
- Configure the security profile that you created in the
previous step on the REST API:
- In the BAR file editor, open the
BAR file that contains the REST API.
- Click the Manage tab.
- Locate the automatically generated message flow in the
REST API. The automatically generated message flow is
named gen/<name_of_REST API>,
where <name_of_REST API> is the name of the
REST API.
- In the Properties view for the
automatically generated message flow, in the Security Profile
Name field, specify the name of the security profile that
you created in the previous step. Save the BAR file.
- Deploy the BAR file to an integration server. HTTP clients
that want to call the REST API must provide a user name and password.
If authentication information is not supplied by the HTTP client,
or authentication fails, an HTTP 401 Unauthorized status
code is returned to the client.
Results
You have secured a REST API by using HTTP Basic Authentication.
What to do next
You must package and deploy your REST API to an
integration server, see
Packaging and deploying a REST API.
You
can also complete the following optional tasks: