Category: DataPower

Datapower: url-open with custom MQ Headers

If you are trying to use datapower’s url-open command to an MQ destination and need to set the MQMD header, you must follow the information contained in the following post: http://www.ibm.com/developerworks/forums/message.jspa?messageID=14542843#14542843 Basically, the final xslt document that needs to be sent as part of the http-headers is: <xsl:variable name=”newSerializedMQMD”> <header name=”MQMD”></strong> <xsl:value-of select=”$mqmdSer” /> </header></strong> […]

Read more

DataPower 3.8.1 and WebSphere MQ

If you are using DataPower to pull messages from MQ which contains persistent messages, do yourself a favor and set the ‘Units of Work’ on the QM in DP to 1. This will enable DataPower to use SyncPoints from MQ and allow you transactionality on a per-message basis. Without this setting, you can get very […]

Read more

DataPower Architectural Design Patterns: Integrating and Securing Services Across Domains

Redbook, published: Mon, 13 Oct 2008

– Introduction to DataPower Services
– Integration Services
– Security Services

IBM® WebSphere® DataPower® SOA Appliances are purpose-built network devices that offer a wide variety of functionality such as the securing and management of SOA Applications, enterprise service bus integration, and high speed XSL execution.

Read more

DataPower Architectural Design Patterns: Integrating and Securing Services Across Domains

Draft Redbook, last updated: Tue, 26 Aug 2008

– Introduction to DataPower Services
– Integration Services
– Security Services

IBM® WebSphere® DataPower® SOA Appliances are purpose-built network devices that offer a wide variety of functionality such as the securing and management of SOA Applications, Enterprise Service Bus Integration, and high speed XSL execution.

Read more

DataPower Course WB552 Overall Impressions

I have to admit that I was very impressed with DataPower Course WB552. The content of the course covered everything that on would need to know about how to use the box along with security. It also provided a lot of opportunity to go off the beaten path and try modifications on your own. I […]

Read more

WB552: Random DataPower Thoughts Part 12

Message set (traffic Pattern) Count monitors increment based on condition. Duration monitors occur when a configured amount of time passes during processing of messages for the condition. Message Count Monitors would be used to limit requests to a certain rate (100/second) Message duration monitors are clock-based. Measure things like average server response. Traffic Definitions are […]

Read more

WB552: Random DataPower Thoughts 11

Tivoli Directory Integration can integrate with multiple LDAP. LDAP Search Attribute is the attribute in the LDAP that you want to look up. Load Balancing Algorithms: First-Alive: Secondary servers are only called when the primary server is down. So the first alive entry is always used. Hash: Hashes the IP address of the client to […]

Read more

WB552: Random DataPower Thoughts Part 10

AAA: Authentication, Authorization and Auditing Authentication can occur without the use of external servers: AAA file, LTPA and a Validation credential object, SAML token (?).  Can use the external Systems: LDAP, SAML, Tivoli, RADIUS When hitting a webpage, a browser artifact on a third party server can be pointed to embedded in the URL of […]

Read more

WB552: Random DataPower Thoughts Part 9

XML Virus scanning uses a filter action sheet: store://Virus-ScanAttachment.xsl. This transform needs to be modified to include the URL of your ICAP server Dictionary Attacks Protection uses count monitoring. SQL injection Protection uses the store://SQL-Injection-Filter.xsl transformation.

Read more

DataPower: Can A Match Action Accept Multiple URLs?

I have a match action which should accept /encrypt and /encrypt_fl . Could I have both of these specified in a single match action? When I tried it, I got a datapower error with the box unable to match. Not sure if this is user-error or what, but I thought I’d give a heads up […]

Read more

WB552: Random DataPower Thoughts Part 8

SSL: Message Confidentiality, Message Integrity and Non-Repudiation Server always authenticates to the client. Client optionally authenticates to the server. During an SSL handshake: Negotiate the level of SSL, decide on cipher suite, authenticate the server, build a secret key to be used for the session. SSL hello contains list of Cipher Suites. Server responds with […]

Read more

WB552: Random DataPower Thoughts Part 7

SSL Connections need Validation or Identification credentials based on which side of the conversation (client or server) the datapower box is. Nonrepudiation: How do you knowwho the party on the other end is? Signature: Encrypt a message with a private key, decrypt with the public key. This allows the receiver to verify the sender. Only […]

Read more

WB552: Random DataPower Thoughts Part 6

Always check the default system log when an error is first encountered. Audit log only occurs on the default domain. Captured IP packets are stored in pcap format. Need a tool to explore the data such as ethereal. The packet capture file is in the temporary directory. Probes and debug level logging will create a […]

Read more

WB552: Random DataPower Thoughts Part 5

Pass-thru: Traffic is passed without execution of the service policy. XML: Check for well-formed XML SOAP: Checked for SOAP Message validity. Non-XML: Treated as a binary and the service policy is executed. Service Level Monitors need a WSDL file to be defined. The validate action only accepts a single XSD definition or WSDL file. The […]

Read more

WB552: Random DataPower Thoughts Part 4

XML Firewall is a superset of the XSL Proxy. Web Service proxy understands more of the requirements to be a web service than the XML Firewall which only treats data as XML documents. Web Service Proxy and Multi-Protocol Gateway are supersets of the XML Firewall. Neither suppors the loopback proxy. Web Application Firewall: Customized XML […]

Read more

WB552: Random DataPower Thoughts Part 2

DataPower XA35 (Green): XA = XML Accelerator DataPower XS40 (Yellow): XS = XML Security DataPower XI50 (Blue): XI = XML Integration “SSL Termination” refers to the destination system that recieves an SSL connection. DataPower can not participate in a two-phase commit transaction. Seems to me like this is a feature that needs to be incorporated […]

Read more

WB552: Random DataPower Thoughts Part 1

DataPower will not allow modified firmwares to be uploaded to the machine. They are required to be signed by IBM. By default, the device is ‘completely off’ with a locked down configuration. It’s up to the administrator to enable relevant services. When something is in encrypted storage, there is no UI to get the information […]

Read more

WB552: “Is there an IDE for DataPower?”

Q: “Is there an IDE for DataPower?” Answer: No. The web client is used to access most of the features” I think that there probably should be an investment (or direction) from IBM about how to go about doing the development work for DataPower. What I say this, I mean what is the recommended IDE […]

Read more

WB552: Introductions

Instructor: Greg Dinning, a 10 year educator on the IBM Suite of Integration software. The Attendees were a wide mix of developers wondering how to use the box, people who wanted to understand why they should buy it and people (like me) who are focused on getting the information to pass certification. I’m not going […]

Read more

Attending DataPower Classroom Training Next Week

Sometimes the stars just align perfectly. I’m trying to get my DataPower Certification and IBM’s business partner relations team is offering a free course on DataPower next week in Markham. It pays to be in a city with an IBM Office. I’ll be in attendance there and hopefully sitting in the room for 5 days […]

Read more

Make SOA real with IBM WebSphere Enterprise Service Bus and IBM WebSphere DataPower SOA Appliances

Looking for a way to manage the interoperability among applications using
different protocols that need to exchange confidential data? Consider combining the
functionality of IBM WebSphere Enterprise Service Bus and IBM WebSphere DataPower
SOA Appliances. Find out how you can get a secure, agile, and extendible solution
with a little effort in terms of code.

Read more

Using DataPower SOA Appliances to query WebSphere Service Registry and Repository

Learn how to use IBM WebSphere DataPower SOA Appliances to query information from IBM WebSphere Service Registry and Repository using the REST API and SOAP API. Reusable stylesheets are provided to serve as standard query components to be used throughout DataPower configurations. Step-by-step examples show how these assets can be used to query WebSphere Service Registry and Repository. (IBM WebSphere Developer Technical Journal)

Read more

Build an RSS aggregator using IBM WebSphere DataPower SOA Appliances multistep

The IBM WebSphere DataPower SOA Appliances multistep processing policy
system is a key part of appliance configuration. Version 3.6.1 of the firmware
includes a number of enhancements to multistep that provide functionality familiar
to programmers, including loops of actions, conditional execution of actions, and
the ability to execute actions in parallel. Explore how you can combine the new
features in multistep 3 to build an RSS feed aggregator.

Read more