Versions Compared

Old Version 7

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

You open the REST Server agent configuration dialog from a workflow configuration: you can right-click the agent icon and select Configuration..., or double-click the agent icon.

General Tab

The General tab contains settings related to the location and authentication of the REST server.

...

SettingDescription
Local Address

The local address that the server will bind to. If the field is left empty, the server will bind to the default address.

PortThe port the server will listen to. Default The default port is 80.
REST Server Profile

Click Browse to select a predefined REST Server Profile. The profile contains the configuration of the request URI allowed by the REST Server. 

For further information, see 8.16 REST Server Profile.

Note
titleNote!

If you have not select selected a profile, any request URI will be allowed by the REST Server agent.


Use TLS

If enabled, the communication channels will be encrypted.

You must select this option for the TLS Keystore, TLS Keystore Password as well as the Enable 2-way Authentication option to be made available.

TLS Keystore

A keystore file containing the server certificate to be used with TLS.

Enter the full path to a keystore file on the local or mounted disk on the execution host.

TLS Keystore PasswordThe password for the keystore file.
Enable 2-way Authentication

If enabled, two-way authentication is enabled for the communication channels.

2-way Truststore

Enter the full path to a truststore file on the local or mounted disk on the execution host.

2-way Truststore Password

The password for the selected truststore file.

You must populate this field if you want to use a specific truststore.

Additional Certificate Validation

If enabled, the agent will perform certificate chain validation and revocation status checkchecks. You must configure the CRL (Certificate Revocation List) file path or CRLDP (Certificate Revocation List Distribution Points) if this is enabled.

CRL File Path

Path to the Certificate Revocation List (CRL) file that has been downloaded locally. Enable CRLDP will be greyed out when configuring the file path.

Enable CRLDP

Enable Certificate Revocation List Distribution Points (CRLDP) extension support. CRL File Path will be greyed out when enabling CRLDP.

Server Timeout (s)The number of seconds before the server closes a request. If the timeout is set to 0 (zero) no timeout will occur. Default The default value is 5.


Note

To generate the keystore file using , please refer to the 2.2.11 keytool command.


Note

You can find the TLS hanshake handshake failed error from the EC log. You can also find the error if you have debug turned on for your workflow monitor.

Authentication Tab

The Authentication tab contains settings related to the OAuth 2.0 Authentication for the REST Server agent.

...

SettingDescription
OAuth 2.0 Authentication

If enabled, the REST Server agent will check all incoming HTTP requests for access tokens and validate the access tokens. Only access tokens generated by the Authorization Server will be accepted.


If not enabled, the REST Server agent will not check the incoming HTTP requests for access tokens.

The Authorization Server is a Service Provider in which is used to generate OAuth 2.0 access tokens. For more information on how to setup set up the Authorization Server, please refer to 2.1 Enabling Authorization Server

Note

You must select this option for the OAuth Truststore, OAuth Truststore Password, and JWT Public Alias to be made available. Enable Use TLS, under the General tab, is also required if OAuth 2.0 Authentication is enabled.


OAuth Truststore

Path to the truststore where the public key for access token validation from the OAuth2 Service is stored. Only the Java KeyStore (JKS) format is supported.

Enter the full path to a truststore file on the local or mounted disk on the execution host.

OAuth Truststore Password

The password for the truststore

Note
titleSame Password

All keys must have the same password as the truststore.


JWT Public Key Alias

The alias of the key inside the truststore is to be used to access token validation.

The key referred to here is the public key of the RSA key pair defined in the "jwt" configuration of the Authorization Server.

Note

The alias password, when configured during the construction of the truststore certificate should be the same as OAuth Truststore password.

Advanced Tab

The Advance tab contains additional properties that can be configured for the REST Server agent.

Image Removed

 REST Server agent configuration - Advanced tab

See the text in the Properties field for further information about the other properties that you can set.

You open the REST Server agent configuration dialog from a workflow configuration: you can right-click the agent icon and select Configuration..., or double-click the agent icon.

General Tab

The General tab contains settings related to the location and authentication of the REST server.

Image Removed

REST Server agent configuration - General tab

Click Browse to select a predefined REST Server Profile. The profile contains the configuration of the request URI allowed by REST Server. 

For further information, see 8.16 REST Server Profile.

SettingDescription
Local Address

The local address that the server will bind to. If the field is left empty, the server will bind to the default address.

PortThe port the server will listen to. Default port is 80.
REST Server Profile
Note
titleNote!

If you have not select a profile, any request URI will be allowed by the REST Server agent.

Use TLS

If enabled, the communication channels will be encrypted.

You must select this option for the TLS Keystore, TLS Keystore Password as well

as

the Enable 2-way Authentication option to be made available.TLS Keystore

A keystore file containing the server certificate to be used with TLS.

Enter the full path to a keystore file on the local or mounted disk on the execution host.

TLS Keystore PasswordThe password for the keystore file.Enable 2-way Authentication

If enabled, two-way authentication is enabled for the communication channels.

2-way Truststore

Enter the full path to a truststore file on the local or mounted disk on the execution host.

2-way Truststore PasswordSettingDescriptionOAuth 2.0 Authentication

If enabled, the REST Server agent will check all incoming HTTP requests for access tokens and validate the access tokens. Only access tokens generated by the Authorization Server will be accepted.

If not enabled, the REST Server agent will not check the incoming HTTP requests for access tokens.
The Authorization Server is a Service Provider in which is used to generate OAuth 2.0 access tokens. For more information on how to setup the Authorization Server, please refer to 2.1 Enabling Authorization Server
Note

You must select this option for the OAuth Truststore, OAuth Truststore Password and JWT Public Alias to be made available. Enable Use TLS, under the General tab, is also required if OAuth 2.0 Authentication is enabled.

OAuth Truststore

Path to the truststore where the public key for access token validation from the OAuth2 Service is stored. Only Java KeyStore (JKS) format is supported.

Enter the full path to a truststore file on the local or mounted disk on the execution host.

OAuth Truststore Password

The password for the truststore

Note
titleSame Password

All keys must have the same password as the truststore.

JWT Public Key AliasThe password for

the

selected truststore file.

You must populate this field if you want to use a specific truststore.

Server Timeout (s)The number of seconds before the server closes a request. If the timeout is set to 0 (zero) no timeout will occur. Default value is 5.
Note

To generate the keystore file using , please refer to the 2.2.11 keytool command.

Authentication Tab

The Authentication tab contains settings related to the OAuth 2.0 Authentication for the REST Server agent.

Image Removed

REST Server agent configuration - Authentication tab

The alias of the key inside the truststore to be used to access token validation.

The key referred here is the public key of the RSA key pair defined in the "jwt" configuration of the Authorization Server.

Note

The alias password, when configured during the construction of the truststore certificate should be the same as OAuth Truststore password.



Advanced Tab

The Advance tab contains additional properties that can be configured for the REST Server agent.

...