Using the SOAP Listener With SSL

Design time tools such as iWay Designer and iWay Explorer (which need to communicate with the SOAP listener) do not communicate using SSL. As a result, you must create a new SOAP listener for run time purposes that is secured. You also need to keep the default SOAP listener for design time activities. When configuring a SOAP listener, you can use the standard SOAP1 listener as a template.


Procedure: How to Configure a SOAP Listener

To configure a SOAP Listener:

  1. Log on to the iWay Service Manager Administration Console.
  2. Click Registry in the top pane.

  3. In the left pane, click Listeners under the Components section.

    The Listeners pane opens.

  4. Click Add.

    The Select listener type pane opens.

  5. Select soap from the drop-down list and click Next.

    The Configuration parameters pane for the SOAP listener opens, as shown in the following image.

  6. Enter a new port number in the Port field.
  7. Enter the path to your keystore on your file system in the Keystore field.
  8. Provide the password for your keystore in the Keystore Password field.
  9. Specify the type of keystore you are using in the Keystore Type field.

    The default value is JKS.

  10. Enter SSL in the Security Protocol field.
  11. From the Client Authentication drop-down list, select true.

    For more information on all the available SOAP listener parameters, see SOAP Listener Parameters.

  12. Click Next.

    The following pane opens.

  13. Provide a name and optional description for the listener.
  14. Click Finish.

    You are returned to the Listeners pane, which includes the new listener you created.

    Now that you have two SOAP listeners, you must still use the SOAP1 listener (default port 9000) for iWay Explorer connection purposes. Find the components (business objects) for which you wish to generate Web services using iWay Explorer, and then generate the necessary Web services.

    As long as the same iWay Service Manager repository is being used, the Web services created on one SOAP listener can be run on the other SOAP listener. To do this, you will need to view the WSDL file.

    For example, in a Web browser:

    http://hostname:9000/license_name/webservice_name.ibs?wsdl

    Save this file to your file system, using the .wsdl extension. Then open the WSDL file you just saved using an editor and make the following change toward the bottom of the file.

    Change:

    <soap:address location="http://hostname:9000/XDSOAPRouter"/>

    To:

    <soap:address location="https://hostname:9004/XDSOAPRouter"/>

    Save the modified WSDL file.

    You must now provide the modified WSDL file to whatever client needs to run the Web service in a secured mode. When that client attempts to run, the secured SOAP listener in iWay Service Manager will request the public portion of the keystore you specified for the listener.

    You can test this by first running with XML SPY, which should fail, since it does not provide certificates when connecting. Next, configure a process flow in iWay Designer using the Web service object. Specify the modified WSDL file in the properties of the Web service object. Ensure that the keystore is defined on the iWay Service Manager instance on which you will run the process flow.
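
The WSDL edit described above can be scripted, with a check that no plaintext endpoint remains before the file is handed to clients. This is an added example, not iWay code: it assumes the saved WSDL uses the standard WSDL SOAP binding namespaces, and the function names and the sample WSDL are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# WSDL binding namespaces (SOAP 1.1 and 1.2) that define <address>.
SOAP_NS = ("http://schemas.xmlsoap.org/wsdl/soap/",
           "http://schemas.xmlsoap.org/wsdl/soap12/")
# location="..." inside any element whose local name is "address".
ADDRESS_RE = re.compile(
    r'(<(?:[\w.-]+:)?address\b[^>]*?\blocation\s*=\s*")([^"]*)(")')

def secure_wsdl(wsdl_text, secure_port):
    """Rewrite each address to https://<same host>:<secure_port><same path>."""
    def rewrite(match):
        url = urlsplit(match.group(2))
        if not url.hostname:            # relative or malformed: leave for review
            return match.group(0)
        host = f"[{url.hostname}]" if ":" in url.hostname else url.hostname
        fixed = url._replace(scheme="https", netloc=f"{host}:{secure_port}")
        return match.group(1) + fixed.geturl() + match.group(3)
    # Edit the text rather than re-serializing with ElementTree, which drops
    # xmlns declarations for prefixes used only in attribute values (tns:, xsd:).
    return ADDRESS_RE.sub(rewrite, wsdl_text)

def plaintext_endpoints(wsdl_text):
    """Parse the WSDL and return every SOAP address that is not https."""
    root = ET.fromstring(wsdl_text)
    return [addr.get("location") for ns in SOAP_NS
            for addr in root.iter(f"{{{ns}}}address")
            if urlsplit(addr.get("location", "")).scheme != "https"]

# Constructed sample: only the service section of a saved WSDL.
SAMPLE_WSDL = """<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns:tns="urn:example:constructed" targetNamespace="urn:example:constructed">
  <service name="webservice_name">
    <port name="webservice_nameSoap" binding="tns:webservice_nameSoap">
      <soap:address location="http://hostname:9000/XDSOAPRouter"/>
    </port>
  </service>
</definitions>"""

if __name__ == "__main__":
    secured = secure_wsdl(SAMPLE_WSDL, 9004)
    leftovers = plaintext_endpoints(secured)
    if leftovers:
        raise SystemExit(f"plaintext endpoints remain: {leftovers}")
    print(secured)
```
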


Reference: SOAP Listener Parameters

The following table lists and describes the SOAP listener parameters.

| Parameter | Description |
|---|---|
| Port | Port on which SOAP requests will be accepted. |
| Local bind address | Local bind address for multi-homed hosts. This field is usually kept empty. |
| Asynch Directory | Directory to be used to store asynchronous SOAP requests. |
| Timeout | Timeout interval for TCP socket. |
| LingerTime | 'Linger-on-close' period in seconds. Use if TCP loses links when sending documents. |
| Keystore | Full path to security key file. |
| Keystore Password | Password for Keystore key file. |
| Keystore Type | Type of the Keystore. |
| Truststore | File that provides the trust certificates used to authenticate clients. This is used if client authentication is required. Leave blank to use the default JVM Truststore. |
| Truststore Type | Type of Truststore. |
| Security Provider Class | Overrides the default security provider. |
| Security Protocol | Overrides the default secure protocol. |
| Security Algorithm | Overrides the default algorithm. |
| Client Authentication | If set to true, authentication will be required from the client. |
| Whitespace Normalization | Specifies how the parser treats whitespace in Element content. Choose preserve to turn off all normalization as prescribed by the XML Specification. Choose condense to remove extra whitespace in pretty printed documents and for compatibility with earlier versions. |
| Accepts non-XML (flat) only | If set to true, the listener expects flat (non-XML). Automatic parsing is not performed. |
| Optimize Favoring | Selection of memory is useful for large input documents. |
| Multithreading | Number of documents that can be processed in parallel. |
| Maximum threads | Parallel threads can grow to this count automatically on demand. |
| Execution Time Limit | Time limit for document execution (in seconds) before cancellation is attempted. This applies to agent stacks and sets a lower limit for process flows. |
| Agent Precedence | Changes the order in which the engine selects agents. Normally the document overrides the listener. This is used to manage iWay documents. |
| Always reply to listener default | If set to true, the default reply definition is used in addition to defined replies. |
| Error Documents treated normally | If set to true, error documents will get processed by any configured preemitters. |
| Listener is Transaction Manager | If set to true, agents run within a local transaction managed by the listener. |
| Record in Activity Log(s) | If set to true, activity on this channel is recorded in the activity logs; otherwise, the activity is not recorded. |


iWay Software