Implementing CICS Web Services

Implementing CICS Web Services

by Nigel Williams, Luis Aused Lopez, Robert Herman, Mike Ebbers, Grant Ward Able, Paolo Chieregatti, Tommy Joergensen, Steve Wall
Released October 2007
Publisher(s): IBM Redbooks
ISBN: None

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

The Web services support in CICS Transaction Server Version 3.1 enables your CICS programs to be Web service providers or requesters. CICS supports a number of specifications including SOAP Version 1.1 and Version 1.2, and Web services distributed transactions (WS-Atomic Transaction).

This IBM Redbooks publication will help you configure the CICS Web services support for both HTTP and WebSphere MQ based solutions. We show how Web services can be used to integrate J2EE applications running in WebSphere Application Server with COBOL programs running in CICS.

It begins with an overview of Web services standards and the Web services support provided by CICS TS V3.1. Complete details for configuring CICS Web services using both HTTP and WebSphere MQ are provided next, along with the steps for using Web services to connect to CICS from a service integration bus. The book then shows how CICS Web services can be secured using a combination of Web Services Security (WS-Security) and transport-level security mechanisms such as SSL/TLS. Finally, it demonstrates how atomic Web services transactions can be configured to allow WebSphere and CICS resource updates to be synchronized.

This book concentrates on implementation specifics such as security, transactions, and availability. The companion book Developing CICS Web Services (SG24-7126) presents detailed information about developing CICS Web services.

Table of contents

  1. Notices
    1. Trademarks
  2. Preface
    1. The team that wrote this book
    2. Become a published author
    3. Comments welcome
  3. Summary of changes
    1. December 2006, Second Edition
    2. October 2007, Third Edition
  4. Part 1: Introduction
  5. Chapter 1: Overview of Web services
    1. 1.1: Introduction
    2. 1.2: Service-oriented architecture
      1. Characteristics
      2. Web services versus service-oriented architectures
    3. 1.3: Web services
      1. Properties of a Web service
      2. Core standards
      3. Web Service Interoperability Basic Profile 1.0
      4. Additional standards
    4. 1.4: SOAP
      1. The envelope
      2. Communication styles
      3. Encodings
      4. Messaging modes
    5. 1.5: WSDL
      1. WSDL Document
      2. WSDL document anatomy
      3. WSDL definition (1/2)
      4. WSDL definition (2/2)
      5. WSDL bindings
    6. 1.6: Summary
  6. Chapter 2: CICS support for Web services
    1. 2.1: Overview
    2. 2.2: CICS as a service provider
      1. Preparing to run a CICS application as a service provider
      2. Processing the inbound service request
    3. 2.3: CICS as a service requester
      1. Preparing to run a CICS application as a service requester
      2. Processing the outbound service request
      3. Local optimization
    4. 2.4: CICS resources for Web services
      1. URIMAP
      2. PIPELINE
      3. WEBSERVICE
      4. TCPIPSERVICE
      5. Resources checklist
    5. 2.5: Message handlers
      1. SOAP message handlers
      2. Channels and containers
    6. 2.6: Tools for developing CICS Web services
      1. CICS Web services assistant
      2. Web services assistant utility programs
      3. WebSphere Developer for zSeries
    7. 2.7: Catalog manager example application
      1. The base application
      2. Web services support for the catalog example application
  7. Part 2: Web service configuration
  8. Chapter 3: Web services using HTTP
    1. 3.1: Preparation
      1. Software checklist
      2. Definition checklist
      3. The sample application
    2. 3.2: Configuring CICS as a service provider
      1. Configuring code page support
      2. Configuring CICS
      3. Configuring WebSphere Application Server on Windows
      4. Testing the configuration
    3. 3.3: Configuring CICS as a service requester
      1. Configuring CICS
      2. Configuring WebSphere Application Server for z/OS
      3. Testing the configuration
    4. 3.4: Configuring for high availability
      1. TCP/IP load balancing
      2. High availability configuration
      3. Routing inbound Web service requests
    5. 3.5: Problem determination
      1. Error calling dispatch service - INVREQ
  9. Chapter 4: Web services using WebSphere MQ
    1. 4.1: Preparation
      1. Software checklist
      2. Definition checklist
    2. 4.2: WebSphere MQ configuration
      1. Adding WebSphere MQ support to CICS
      2. Defining the queues
      3. Defining the trigger process
    3. 4.3: Configuring CICS as a service provider using WMQ
      1. Configuring the service provider pipeline
    4. 4.4: Configuring CICS as service requester using WMQ
      1. Configuring the Catalog application
      2. Configuring WebSphere Application Server on Windows
    5. 4.5: Testing the WMQ configuration
    6. 4.6: High availability with WMQ
  10. Chapter 5: Connecting CICS to the service integration bus
    1. 5.1: Overview of the service integration bus
      1. Why you would connect CICS to a bus
    2. 5.2: Preparation
      1. Software checklist
      2. Definition checklist
    3. 5.3: Configuring CICS for a gateway service
      1. Updating the CICS-supplied sample WSDL file
      2. Creating a URIMAP for the WSDL file
      3. Testing the retrieval of the WSDL file from a Web browser
    4. 5.4: Creating a gateway service on the bus
      1. Identifying the bus to be used
      2. Creating a Web services gateway instance
      3. Creating a gateway service
    5. 5.5: Testing the CICS gateway service
      1. Publish the bus-generated WSDL
      2. Configuring the catalog manager J2EE application
      3. Invoking the gateway service
  11. Part 3: Security management
  12. Chapter 6: Elements of cryptography
    1. 6.1: The role of cryptography
    2. 6.2: Secret key (or symmetric) cryptography
      1. DES
      2. Triple DES (TDEA)
      3. AES
    3. 6.3: Public key (or asymmetric) cryptography
      1. RSA
    4. 6.4: Hash functions
    5. 6.5: Message authentication codes
      1. Block cipher-based MACs
      2. Hash function-based MACs
    6. 6.6: Digital signatures
      1. Using DSA for digital signatures
      2. Using RSA for digital signatures
      3. Comparing RSA with DSA for digital signatures
    7. 6.7: Public key digital certificates
      1. tbsCertificate
      2. Standard extensions for X.509 V3 digital certificates
      3. Certification paths
    8. 6.8: Certificate revocation lists
      1. Extensions for entries in a CRL
      2. Extensions for a CRL
      3. Security considerations when using digital certificates
    9. 6.9: Key agreement protocols
      1. The RSA key agreement protocol
      2. The Diffie-Hellman key agreement protocol
    10. 6.10: Transport Layer Security (TLS) 1.0 protocol
      1. TLS overview
      2. Cipher suites
      3. Alert protocol
      4. Handshake protocol (1/3)
      5. Handshake protocol (2/3)
      6. Handshake protocol (3/3)
  13. Chapter 7: Crypto hardware and ICSF
    1. 7.1: Cryptographic hardware
      1. CP Assist for Cryptographic Functions (CPACF)
      2. Crypto Express 2 feature
      3. Comparison of CPACF, CEX2C, and CEX2A
      4. Other cryptographic hardware
    2. 7.2: ICSF
      1. ICSF callable services
      2. ICSF administration
    3. 7.3: How CICS uses ICSF
    4. 7.4: ICSF services used by CICS WS-Security support (1/2)
    5. 7.4: ICSF services used by CICS WS-Security support (2/2)
  14. Chapter 8: Securing Web services
    1. 8.1: Traditional CICS security
      1. CICS user IDs
    2. 8.2: Security exposures
    3. 8.3: Transport security
      1. HTTP transport
      2. WebSphere MQ transport
    4. 8.4: SOAP message security
      1. CICS and SOAP message security (1/2)
      2. CICS and SOAP message security (2/2)
      3. WebSphere and SOAP message security
    5. 8.5: Comparison of transport level and SOAP message security
    6. 8.6: Securing CICS Web services using the service integration bus
    7. 8.7: WebSphere Datapower SOA appliances
    8. 8.8: Identity assertion
      1. Trust token model
      2. Presumed trust model
  15. Chapter 9: Security scenarios
    1. 9.1: Preparation
      1. Software checklist
      2. Definition checklist
    2. 9.2: Basic security configuration
      1. Setting up basic security configuration
      2. Testing the basic security configuration
    3. 9.3: Setting the user ID on a URIMAP definition
      1. Defining the URIMAP
      2. Permitting access to user ID CICSNW
      3. Testing user ID on URIMAP resource definition
    4. 9.4: Enabling SOAP message security with HTTP
      1. Configuring the service requester (1/2)
      2. Configuring the service requester (2/2)
      3. Configuring CICS
      4. Testing SOAP message security
      5. SOAP fault messages
    5. 9.5: Enabling SSL/TLS
      1. Creating a key ring and certificates on z/OS for CICS
      2. Enabling an SSL/TLS connection from WebSphere
      3. Configuring CICS support for SSL/TLS
      4. Testing SSL/TLS
    6. 9.6: Enabling SOAP message security with WMQ
      1. Configuring CICS to use WMQ
      2. Configuring the service requester
      3. Header processing program
      4. Configuring the service provider
      5. Configuring WebSphere MQ for security
      6. Testing security with WMQ
  16. Chapter 10: Security scenarios using CICS WS-Security support
    1. 10.1: Preparation
      1. Software checklist
      2. Definition checklist
    2. 10.2: Basic security configuration
      1. Creating a RACF key ring
      2. Specifying the security SIT parameters
      3. Testing the basic security configuration
      4. Configuring the pipeline
      5. Setting a user ID on a URIMAP definition
    3. 10.3: Basic authentication
      1. Configuring the service requester for basic authentication (1/2)
      2. Configuring the service requester for basic authentication (2/2)
      3. Configuring CICS
      4. Testing basic authentication (1/2)
      5. Testing basic authentication (2/2)
    4. 10.4: Certificate and key pair generation (1/3)
    5. 10.4: Certificate and key pair generation (2/3)
    6. 10.4: Certificate and key pair generation (3/3)
    7. 10.5: Signing a SOAP message
      1. Configuring the service requester for signature processing (1/3)
      2. Configuring the service requester for signature processing (2/3)
      3. Configuring the service requester for signature processing (3/3)
      4. Configuring CICS for signature processing
      5. Testing the signature scenario (1/2)
      6. Testing the signature scenario (2/2)
    8. 10.6: Encrypting a SOAP message
      1. Configuring the service requester for encryption (1/3)
      2. Configuring the service requester for encryption (2/3)
      3. Configuring the service requester for encryption (3/3)
      4. Configuring CICS for encryption
      5. Testing the encryption scenario (1/2)
      6. Testing the encryption scenario (2/2)
  17. Part 4: Transaction management
  18. Chapter 11: Introduction to Web services: Atomic transactions
    1. 11.1: Beginner’s guide to atomic transactions
      1. What is a classic transaction
      2. Mapping from classic transactions to WS-Atomic Transaction
    2. 11.2: WS-Addressing
      1. Endpoint references
      2. Message information headers
      3. SOAP binding for endpoint references
    3. 11.3: WS-Coordination
      1. Coordination service
      2. CreateCoordinationContext
      3. CreateCoordinationContextResponse
      4. Register
      5. Register response
      6. Two applications with their own coordinators
      7. Addressing requirements for WS-Coordination message types
    4. 11.4: WS-Atomic Transaction
      1. Completion protocol
      2. Two-Phase Commit protocol
      3. Two applications with their own coordinators (continued)
      4. Addressing requirements for WS-AT message types
      5. CICS TS V3.1 and resynchronization processing
  19. Chapter 12: Enabling atomic transactions
    1. 12.1: Enabling atomic transactions in CICS
      1. CICS to CICS configuration
      2. More elaborate CICS to CICS configuration
    2. 12.2: Enabling atomic transactions in WebSphere
  20. Chapter 13: Transaction scenarios
    1. 13.1: Introduction to our scenarios
      1. Software checklist
      2. Definition checklist
    2. 13.2: The simple atomic transaction scenario
      1. Setting up CICS for the simple scenario
      2. Creating the AtomicClient and ITSO.ORDER table (1/4)
      3. Creating the AtomicClient and ITSO.ORDER table (2/4)
      4. Creating the AtomicClient and ITSO.ORDER table (3/4)
      5. Creating the AtomicClient and ITSO.ORDER table (4/4)
      6. Testing the simple scenario (1/5)
      7. Testing the simple scenario (2/5)
      8. Testing the simple scenario (3/5)
      9. Testing the simple scenario (4/5)
      10. Testing the simple scenario (5/5)
    3. 13.3: The daisy chain atomic transaction scenario
      1. Setting up CICS for the daisy chain scenario
      2. Creating DispatchOrderAtomic and the ITSO.DISPATCH table
      3. Testing the daisy chain scenario (1/2)
      4. Testing the daisy chain scenario (2/2)
    4. 13.4: Transaction scenario summary
  21. Part 5: Appendixes
  22. Appendix A: Sample handler programs
    1. A.1: Sample message handler program - CIWSMSGH
    2. A.2: Sample header processing program - CIWSSECH (1/2)
    3. A.2: Sample header processing program - CIWSSECH (2/2)
    4. A.3: Sample handler program - SNIFFER (1/3)
    5. A.3: Sample handler program - SNIFFER (2/3)
    6. A.3: Sample handler program - SNIFFER (3/3)
    7. A.4: Sample XML parser program - MYPARSER
    8. A.5: Sample header processing program - CIWSSECR (1/2)
    9. A.5: Sample header processing program - CIWSSECR (2/2)
    10. A.6: Sample header processing program - CIWSSECS
    11. A.7: Sample header processing program - WSATHND (1/2)
    12. A.7: Sample header processing program - WSATHND (2/2)
  23. Appendix B: How the DES, AES, SHA-1, and HMAC algorithms work
    1. B.1: How DES works
    2. B.2: How AES works
    3. B.3: How SHA-1 works
      1. Definitions
      2. SHA-1 preprocessing
      3. SHA-1 hash computation
    4. B.4: How the HMAC algorithm of FIPS PUB 198 works
  24. Abbreviations and acronyms
  25. Related publications
    1. IBM Redbooks
    2. Other publications
    3. Online resources
    4. How to get IBM Redbooks
    5. Help from IBM
  26. Index (1/3)
  27. Index (2/3)
  28. Index (3/3)
  29. Back cover

Product information

  • Title: Implementing CICS Web Services
  • Author(s): Nigel Williams, Luis Aused Lopez, Robert Herman, Mike Ebbers, Grant Ward Able, Paolo Chieregatti, Tommy Joergensen, Steve Wall
  • Release date: October 2007
  • Publisher(s): IBM Redbooks
  • ISBN: None