HTTP Security Settings
You may need to configure HTTP security settings in the following scenarios:
•The Web service is called through HTTPS and requires a client certificate.
•The server uses an incorrect certificate, and you would like to allow a host name mismatch between the certificate and request.
•The Web service requires basic HTTP authentication or OAuth 2.0 authorization.
To set HTTP security, click the Edit button next to HTTP Security Settings. This opens the HTTP Security Settings dialog (screenshot below). The available settings are described in the subsections below.
HTTPS (TLS)
This group of options is relevant to Web services called through HTTPS.
Check Server Certificate | This check box is selected by default, meaning MapForce is configured to check the certificate of the server before proceeding with the request. When this option is enabled, the Web service request (and the mapping) will fail if the server is not trusted, or if your operating system is not configured to trust the Web server.
It is not recommended to disable this option unless you have a good reason to do so. See also Digital Certificate Management.
|
Allow host name mismatch between certificate and request | Sometimes a server certificate issued for a particular host name (for example, www.example.com) is installed on a different host name (for example, example.com). Select this check box to proceed with authentication even if the host name of the certificate does not match the host name called by the Web service.
|
Client certificate | Click Select to choose a client certificate from the Current User\Personal certificate store. This assumes the client certificate already exists in the Current User\Personal certificate store; otherwise, you can import it using the Certificates snap-in (see Accessing the Certificate Stores on Windows).
If the mapping will be deployed for execution to another operating system, the same certificate must be installed on the target operating system as well. For further information, see Digital Certificate Management.
|
HTTP Authentication
This group of options is relevant when a Web service requires HTTP authentication. For more information about these options, see Running Mappings with Authentication.
None | Select this option if the Web service does not require any kind of authentication.
|
Use credential | Select this option to configure HTTP or OAuth 2.0 credentials. For more information, see Credentials.
|
Username, Password | Select this option if you would like to store the username and password in encrypted form in the mapping file. This option is supported only for backward compatibility, see Stored Username and Password.
|
Dynamic authentication | Select this check box if you would like to supply the username and password from the mapping instead of entering them into this dialog box. For more information, see Dynamic Authentication.
|
Preemptive authentication | Select this check box if the Web service is configured to expect authentication data in the first call.
Otherwise, MapForce attempts access without username and password and will use them if the server requires authorization (HTTP status 401).
|