CICS Web services does not provide its own security; however, you can implement some measure of security using one or more
of the following options:
- TCPIPSERVICE
- For server-side security, you can configure the TCPIPSERVICE with transport security (TLS/SSL). To use it effectively, a client
might be required to perform authentication via a certificate, via HTTP Basic Authentication, or both. See
SSL Support for CICS Web Interface Servers and the IBM
TCPIPSERVICE attributes Help page for details.
- Authorization header
- A CICS Web Service requester can send an Authorization header using the technique described for the IBM SupportPac CA8J in
their
SupportPac CA8J: Generate Basic Authentication headers for a CICS HTTP client
document. Generally, this includes these three steps:
- Specify a transport handler program in the pipeline configuration file for the requester.
- Code the transport handler program to call the HTTPAUTH program, providing the required user name and password.
Note: HTTPAUTH encodes the credentials in Base64.
- Using the encoded data returned from HTTPAUTH, append the transport handler program with an Authorization header to the SOAPAction
header container.