Datapower Xa/Xs/Xi Appliance: New in Version 3.8.0

DataPower XA/XS/XI appliance
New in version 3.8.0
© 2010 IBM Corporation
380DataPower.ppt Page 1 of 43
New 3.8.0 features
� DataPower® option for Application Optimization

– Intelligent Load Distributor
– Self Balancing
– Web 2.0
– Web Application Security Enhancement
� MQ Enhancement
� zKeys support
� Online Certificate Status Protocol (OCSP)
� Microsoft® WCF integration
� Tivoli® Security Policy Manager Integration
� Many many more…..
** Note : Not all features are apply to XA, nor XS
2 New in version 3.8.0 © 2010 IBM Corporation
This list contains a snapshot of the new features and improvements that were made to the
existing functionalities. You will see “DataPower option for Application Optimization”,
“MQ Enhancement”, “zKeys support”, “Online Certificate Status Protocol”,
“Microsoft WCF integration” and “Tivoli Security Policy Manager Integration”
separately. In this set of slides, you will see all the remaining new features and
enhancements for firmware release 3.8.0.
Support for remote DPA
� Use a xformbin action to transform the binary data.

– Before 3.8.0 you need to specify a local dpa file as the WTX map.
• Like “tx-map local:///MyMap.dpa”
– Now, you may specify a remote dpa file as the WTX map instead.
• Like “tx-map http://192.168.3.59:2065/MyMap.dpa”
• The dpa file will be fetched from the hosted server and be used to do the binary
transformation.
xi50(config action xformbin_txmap)# show
type xformbin
input INPUT
tx-mode dpa
tx-map http://192.168.3.59:2065/MyMap.dpa
output trx-bin
xi50(config action xformbin_txmap)#
To do the binary transformation, like from XML to binary or binary to XML, you need to use
the xformbin action and specify a DPA file as the WTX map.
Before release 3.8.0, a DPA file under local directory is used in the xformbin action. Now
you may specify a DPA file at remote server instead. It will be fetched from the remote
server to do the binary transformation.
Support for remote DPA (continued)
� Only http:// and https:// are supported.

� To reduce the time of fetching files from remote hosts, you may enable the document cache
for DPA files.
xi50(config xmlmgr default)# show
admin-state enabled
......
maxdocs 200 documents
size 1000000 bytes
policy *.dpa protocol 0 128
user-agent remote-dpa-https-user-agent [up]
xi50(config xmlmgr default)#
Only two protocols are supported – http and https. The other ones, like ftp, mq, and so on,
are not supported
The DPA file will be fetched for every transaction. However, the map does not change
often. So to improve the performance, you should enable the document cache for DPA
files. Then it will be fetched and cached.
DataPower Oracle RAC support
� This provides High Availability when Oracle Database is used

– Current solution
• Multiple SQL data sources
• Load balancer for health checks
• Copied rules for different data sources
– Problems
• Adds unnecessary complexity
• Wastes existing HA solutions
Oracle database high availability
� RAC is Oracle's version of DB2/Z Sysplex

� Uses clustered nodes with shared storage
� Requires little DataPower configuration
� First step towards general HA
RAC example - Topology
RAC example – DataPower perspective
Normal database connection RAC connection
Database ID
(Oracle SID) ServiceName
The left side is DataPower's pre-3.8.0 perspective of an Oracle database; referenced

using SID. The right side is DataPower's perspective of an Oracle database using
ServiceName. The difference is in the Oracle configuration; to DataPower the only
difference is the connection information (SID versus ServiceName).
RAC example – Behind the scenes
RAC connection
ServiceName
The ServiceName is a layer of indirection in the Oracle configuration to map a single

logical service to one or more database nodes. This service can be an alternate naming
scheme, a RAC connection, or something else.
RAC configuration
� “Oracle Identifier Type” is new

� Only available for Oracle
� Default is SID
� SID = database instance name
� ServiceName = database service name; extra level
of indirection
� ServiceName can be used for non-RAC
configurations as well
RAC configuration - Caveat
� Depending on the RAC configuration, DataPower may need extra info

� “AlternateServers” configuration parameter
� Just a list of nodes in the RAC
The “AlternateServers” configuration option may be necessary to explicitly tell DataPower

about other nodes in the RAC. This option is a comma delimited list of database hosts,
where each host is a colon delimited list of the following fields: HostName, PortNumber,
and SID or ServiceName.
Ability to customized deployment policy
� Deployment Policy editor helps you configure the property to be affected

Before 3.8 New in 3.8
Before 3.8, users had to manually enter the configuration property that they wanted the
Deployment Policy to effect. They can now use a dropdown list to choose the appropriate
property.
SOMA modify-config improvement
� SOMA modify-config can now update properties that are a vector of complex properties with
an index
– BaseWSDL is an example of a property that is a vector of complex properties with an
index (WSDLSourceLocation)
• The modify-config operation uses the index to determine what to add and what to
replace.
– There are two other types of vector properties, both of which will have all their members
replaced by a modify-config. This is the same behavior as before 3.8.0
• Vectors of complex properties without indexes
• Simple vectors: The property contains a list of values.
Before 3.8, you could not use the SOMA modify-config request to modify configuration object properties that are a vector
of complex properties.
The most common configuration object property that you might be frustrated in trying to modify, was the BaseWSDL
property of WSGateway objects.
The BaseWDL property of a WSGateway is a vector of complex properties. Before 3.8.0, a vector of complex properties
would be always replaced by a SOMA modify-config request. Now modify-config will merge the elements of an indexed
vector of complex properties with the existing indexed vector property elements.
Resulting configuration from applying previous SOMA request before 3.8.0
<WSGateway name=“myWSGW">

<BaseWSDL>

<WSDLSourceLocation>local:///b.wsdl</WSDLSourceLocation> <!– index -->
<WSDLName>b.wsdl</WSDLName>
</BaseWSDL>
</WSGateway>
Resulting configuration from applying previous SOMA request in 3.8.0


<BaseWSDL>
<!– a.wsdl from the original config -->
<WSDLSourceLocation>local:///a.wsdl</WSDLSourceLocation> <!– index -->
<WSDLName>a.wsdl</WSDLName>
</BaseWSDL>
<BaseWSDL>
<!– b.wsdl added -->
<WSDLSourceLocation>local:///b.wsdl</WSDLSourceLocation> <!– index -->
<WSDLName>b.wsdl</WSDLName>
</BaseWSDL>
</WSGateway>
New all-domains CLI command
� all-domains {enabled | disabled}

� Allows Admin or other administrator to enable or disable the admin state of all the domains
on an appliance.
� Default domain is not affected
� Would be useful in problem determination or resolution scenarios where one or more
domains is interfering with the operation of the appliance.
The new all-domains CLI command allows an administrator to enable or disable the admin
state of all the domains on an appliance. This new command would be useful in problem
determination, where one or more domains is interfering with the operation of the
appliance.
Better support of IMS messages > 32K using segmentation (1 of 3)
� Pre-3.8.0: Administrator responsible for configuring processing policy to handle segmented

IMS™ messages (segment headers, protocol tags, and so on)
– Tedious, difficult to extract payload to work with
� 3.8.0: Segmentation is automatically configured if the IMS Connect object indicates it is
needed.
– Result: only IMS payload is present during policy processing; more straightforward to
process
� Configuring using Web GUI

– Objects -> IMS Connect -> (Add or
modify existing)
– “Maximum Segment Size”
– Segmentation
• ON when value between 1-32
(size in kB of request segment
payload sizes)
• OFF when = 0 (behaves as pre
3.8.0)
This is an example of the page in the WebGUI where message segmentation can be
configured. It can also be configured using the CLI
� If both back end and front end are IMS

– Both back end and front end objects must either have segmentation ON or OFF,
otherwise the configuration is not valid and will result in runtime errors
– The Maximum Segment Sizes do not have to match, but they must both be zero or non
zero
• Valid: front end= 32, backend= 10
• Valid: front end= 0, backend= 0 (default)
• Invalid: front end= 0, backend= 10
Support for IMS-LLLL response header (1 of 2)
� Some responses from IMS contain an initial 4-byte LLLL header, the total response
message length
� Pre-3.8.0: these responses resulted in errors, as DataPower did not accept them
� 3.8.0: a toggle is included in the IMS Connect object configuration to specify whether to
expect this header
Support for IMS-LLLL response header (2 of 2)
� Configure using WebGUI to expect LLLL response header
This is an example of the page in the WebGUI where the LLLL Response Header could be
configured. It can also be configured from the CLI
Up to 175 custom log categories are now supported
� Before 3.8.0 the limit was 32
� The Custom log category has to be unique across the entire appliance.
� The same category can not be used in multiple domains.
WS-Proxy support of non-HTTP backend (1 of 3)
� The goal was to make WMQ, WebSphere® JMS and Tibco EMS more usable as back end of
WS-Proxy.
� Before 3.8.0
– WMQ, JMS and EMS could be used as WS-Proxy backend only using dynamic routing
(action or service variable)
– DP specific protocols (dpmq://, dptibems://, dpwasjms://, mq:// and tibems://) were not
supported for endpoint binding in actual WSDL file.
The goal is to provide the support without using dynamic routing, and to provide a way to
express the support in the wsdl.
� WMQ, Tibco EMS and WebSphere JMS become a first-class citizens both in WS-Proxy
wizard and on WS-Endpoint Rewrite Policy object screens.
� WS-Proxy wizard has been changed to show only properties relevant for selected
protocol, that is, Queue Manager if dpmq:// is selected or WebSphere JMS Server if
dpwasjms:// is selected, and so on..
� WMQ, EMS and JMS protocols are supported for service binding in WSDL:
<service name="ActivityServices">
<port name="ActivityServicesSoap" binding="s0:ActivityServicesSoap">
<soap:address location="dpmq://QM/?RequestQueue=Q1&ReplyQueue=Q2"/>
</port>
</service>
In 3.8.0, WMQ, Tibco EMS and WebSphere JMS becomes first class citizen in WS-Policy
wizard, and they can selected from the WebGUI.
In addition to that, the given protocol can be expressed in the wsdl directly.
� Screen capture of the WS-Proxy WebGUI support
Support Tibco EMS map messages (1 of 3)
� JMS Messages: byte, text, object, stream and map.

– JMS Specification says:
“Map Message - a message whose body contains a set of name-value pairs where
names are Strings and values are Java™ primitive types. The entries can be accessed
sequentially by enumerator or randomly by name. The order of the entries is undefined.”
– Tibco EMS extends this definition to allow nested map messages and arrays of Java
primitive types.
� Map messages converted to/from XML for multistep processing.
� JMS Message type is controlled by the value of “DP_JMSMessageType” header which
should correspond to one above.
This feature allows DataPower to convert the map message to XML format, for future
processing.
� Map messages scenarios

– Front side handler
• Map message is automatically converted to XML conforming to Datapower Tibco
EMS Map Message XML Schema.
• Header “DP_JMSMessageType” is set to have value “map”.
– MPGW back end, results action or dp:url-open extension function
• Message should conform to Datapower Tibco EMS Map Message XML Schema.
• Header “DP_JMSMessageType” is to be set to have value “map” by processing
policy. Otherwise message will be treated just as text or binary data.
Here is an example of a message converted to XML with this feature :

<Message>

<Field name="map1" type="map_message">
<Message>
<Field name="int_array" type="int_array">
<Array>
<Element>100000</Element>
<Element>25</Element>
</Array>
</Field>
<Field name="stringy" type="string">This is a quick brown fox.</Field>
</Message>
</Field>
</Message>
</Field>


<Field name="shorty" type="short">5146</Field>
</Message>
� How Tibco EMS map messages flow
The green box is the Tibco EMS server with the blue one being the DataPower appliance.
The message is converted to XML in the DataPower for processing and the output will be
converted from XML to a format that is understood by Tibco EMS.
Tibco EMS and WebSphere JMS transactions
� Goal was to provide the same level transactions support that exists for WMQ
� Visible changes
– URL Opener parameter “Transactional” - makes EMS or JMS call as part of transaction.
– URL Opener parameter “Sync” - performs COMMIT after Send operation.
� Other changes
– Transacted JMS session is shared between FSH, back side and processing actions to
provide guaranteed “once-and-only-once” message delivery.
– Error handling coupled with transaction semantics, var://service/error-ignore to commit
transactions in case of error.
New version of XMS library
� New version 2.0.0 of XMS library for WebSphere JMS connectivity.

– Many issues were fixed, much more stable
– Does not support WebSphere Application Server V7, need to wait for V2.1.0 of XMS
library
There is also an improvement in performance due to this upgrade.
JMS session allocation for transaction
This provides a transaction semantic which covers both the front and backend. This
guarantees the message will be delivered. This should be similar to what MQ provides in
its transaction support.
TCP window scaling
This provides a way to turn TCP window scaling. The default value is on.
Some of the network environment may require this setting to be off. This provides a way to
turn off TCP window scaling.
HTTP headers retention policy (1 of 3)
� DataPower suppress the following HTTP headers for outgoing traffic:

– Accept-Encoding (regardless of compression)
– Range
– TE
– MQMD
� “headerretention-policy” prevents such header suppression
You can modify the policy from both WebGUI or using CLI command.
HTTP headers retention policy (2 of 3)
WebGUI -> Network -> User Agent -> Header-Retention Policy
Screen capture of Header-Retention policy
HTTP headers retention Policy (3 of 3)
From command line interface (CLI)

xi50# co; user-agent
xi50(config user-agent default)# headerretention-policy http://server1/* Accept-Encoding
Support for ICRX token (1 of 3)
� What is ICRX Token

– Identity Context Reference eXtension (ICRX)
– z/OS® Distributed Identity Propagation (IDID)
– It is a CICS® requirement to integrate with a z/OS SAF/RACF® application’s client
• A SOAP Message sent to DP to do Authentication or Authorization
• Convert the user identity context to ICRX token.
• Wrap up the ICRX token as a WS-Sec BST.
• The output WS-Sec message is then sent back to SAF/RACF client.
The ICRX token is used to support the Distributed ID Propagation among different IBM
products.
It is for kind of a similar scenario using LTPA. DataPower is put in between of other
applications to do the security or token conversion.
The ICRX is a a binary contains IDID, both are defined by z/OS RACF development team.
The ICRX, as a WS-Sec token, is then base-64 encoded and wrapped as a WS-Security
Binary Security Token.
� How to use it ?
– Configure an AAA Policy as usual for access control
– Use the new PP method to convert the token to ICRX
The AAA identity, authentication, resource and authorization processing are working for the access control
purpose to consume the input message/token.
Then the authenticated user information, called as mapped-credential in AAAPolicy, is then converted by the
new Post Processing step into an ICRX token.
Here is a sample of the WS-Security message for ICRX :

<soapenv:Envelope>
<soapenv:Header>
<wsse:Security soapenv:role=“testRole" soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-10.xsd">
<wsse:BinarySecurityToken wsu:Id="ICRX-4dffa842-b59c-44c8-9010-b7d92fe0e633"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security
1.0#Base64Binary"
ValueType="http://www.IBM.com/xmlns/prod/zos/saf#ICRXV1">
ycPZ5wEDAP8AAARIAAAAAAAAABgAAAAAycTJxAEFA....
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<-- Message body goes here -->

</soapenv:Body>
</soapenv:Envelope>
� Customization
– The ICRX is generated with the User DN and Realm, which are un-escaped UTF8 string.
– User DN is from the AAA mapped-credentials, attempted as the following:
The <username/> element value, Programmable
Or the certificate's subject DN if the authentication was "validate-signer".
Or the SSL client certificate's subject DN if the authentication was "client-ssl".
Or the X509 BST token subject DN value if the authentication was based on the BST token extracted from EI
step.
Otherwise, the string value of the whole mapped-credential will be used, such as the "zosnss“, “ldap”
authentication.
– User Realm is from the AAA config or mapped-credentials, attempted as the following:
The "ICRX Realm" setting, if it is not empty. One static value per AAAPolicy
Or the value of the <realm/> element in mapped-credential, if it exists. Programmable.
Or the value of the <configured-realm/> element in mapped-credential, if it exists
otherwise, ICRX realm is an empty string.
The IDID contains the DN and Realm, both have un-escaped the UTF8 hexpair into byte
as required by RACFMAP command. For example, the sequence {‘\\’, ‘A’, ‘B’, ‘\\’, ‘C’, ‘D’}
actually is {0xAB, 0xCD} in the IDID.
The User DN info from DataPower is LDAP DN format, not X.500 format.
The ICRX will generate the ICRX with out-of-box AAA methods as defined as the above.
You can also use the Map Credential method to customize its output, then DataPower will
get the programmable result for the User DN or User Realm.
Flow control
� What is flow control

– Streaming in DataPower enables a MPGW to start flowing the message to the backend
before the whole message is read from the sending client.
– However, before 3.8.0, even messages that were streamed would cause memory growth
proportional to the message size, potentially causing an OOM for GB-sized file transfers.
– An MPGW can be configured for flow control which allows file transfers of arbitrary size
with no memory growth.
Flow control helps streaming of large document in DataPower Appliance without incurring
a memory growth on the appliance.
Configuring an MPGW with flow control
� Flow control is only available if the

Request/Response type is Non-XML
or Pass-Thru
� Both Front and Back side must be set
to Stream Messages
� Allow Chunked Uploads must be set
to on (Advanced tab)
This screen capture shows the bottom of a Multi-protocol Gateway configuration page with
required attributes highlighted.
How to troubleshoot flow control
� During a large file transfer monitor the memory usage with the CLI command “show mem”.
Once the transaction is started you should not see any growth in Memory Usage.
Unauthorized access prohibited.
login: admin
Password: *****
Welcome to DataPower XI50 console configuration.
Copyright IBM Corporation 1999-2009
Version: XI50.3.8.0.0 build main.178176 on 2009/10/05 15:01:08
Serial number: (unknown)
Notice: startup config contains errors.
xi50# show mem
Memory Usage: 45 %
Total Memory: 3110924 kbytes
Used Memory: 1425987 kbytes
Free Memory: 1684937 kbytes
Requested Memory: 438672 kbytes
Hold Memory: 242305 kbytes
xi50#
During a large file transfer monitor the memory usage with the CLI command “show mem”.
Once the transaction is started you should not see any growth in Memory Usage.
Support of DELE command in transparent mode
� FTP server front-side protocol handler

– Added support for deleting files in transparent mode
– RFC 959 DELE command
– Must be enabled in configuration
You now have the ability to delete files in FTP with RFC 959 DELE support for FTP front
side protocol handler in transparent mode. The DELE command must be enabled in the
FSH configuration.
Support of DELE command in Transparent Mode (continued)
� SFTP front-side protocol handler

– Added support for deleting files in transparent mode
– SSH_FXP_REMOVE command support
– Must be enabled in configuration
The ability to delete files with SFTP front side handler was added by enabling the
SSH_FXP_REMOVE command. This must be enabled in the FSH configuration.
Feedback
Your feedback is valuable

You can help improve the quality of IBM Education Assistant content to better meet your
needs by providing feedback.
� Did you find this module useful?
� Did it help you solve a problem or answer a question?
� Do you have suggestions for improvements?
Click to send e-mail feedback:

mailto:iea@us.ibm.com?subject=Feedback_about_380DataPower.ppt
This module is also available in PDF format at: ../380DataPower.pdf
You can help improve the quality of IBM Education Assistant content by providing
feedback.
Trademarks, copyrights, and disclaimers
IBM, the IBM logo, ibm.com, and the following terms are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both:
CICS DataPower IBM IMS RACF Tivoli WebSphere z/OS
If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law
trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of other IBM
trademarks is available on the Web at "Copyright and trademark information" at http://www.ibm.com/legal/copytrade.shtml
Microsoft, and the Windows logo are registered trademarks of Microsoft Corporation in the United States, other countries, or both.
Java, and all Java-based trademarks and logos are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
Other company, product, or service names may be trademarks or service marks of others.
Product data has been reviewed for accuracy as of the date of initial publication. Product data is subject to change without notice. This document could include technical inaccuracies or
typographical errors. IBM may make improvements or changes in the products or programs described herein at any time without notice. Any statements regarding IBM's future direction
and intent are subject to change or withdrawal without notice, and represent goals and objectives only. References in this document to IBM products, programs, or services does not imply
that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Any reference to an IBM Program Product in this
document is not intended to state or imply that only that program product may be used. Any functionally equivalent program, that does not infringe IBM's intellectual property rights, may be
used instead.
THE INFORMATION PROVIDED IN THIS DOCUMENT IS DISTRIBUTED "AS IS" WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IBM EXPRESSLY DISCLAIMS ANY
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT. IBM shall have no responsibility to update this information. IBM products
are warranted, if at all, according to the terms and conditions of the agreements (for example, IBM Customer Agreement, Statement of Limited Warranty, International Program License
Agreement, etc.) under which they are provided. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other
publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related
to non-IBM products.
IBM makes no representations or warranties, express or implied, regarding non-IBM products and services.
The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents or copyrights. Inquiries regarding patent or copyright
licenses should be made, in writing, to:
IBM Director of Licensing

IBM Corporation
North Castle Drive
Armonk, NY 10504-1785
U.S.A.
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. All customer examples described are presented as illustrations of
how those customers have used IBM products and the results they may have achieved. The actual throughput or performance that any user will experience will vary depending upon
considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance
can be given that an individual user will achieve throughput or performance improvements equivalent to the ratios stated here.
© Copyright International Business Machines Corporation 2009. All rights reserved.
Note to U.S. Government Users - Documentation related to restricted rights-Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract and IBM Corp.
43 © 2010 IBM Corporation

Datapower Xa/Xs/Xi Appliance: New in Version 3.8.0

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Datapower Xa/Xs/Xi Appliance: New in Version 3.8.0

Uploaded by

Copyright:

Available Formats

DataPower XA/XS/XI appliance

New in version 3.8.0

© 2010 IBM Corporation

� DataPower® option for Application Optimization

** Note : Not all features are apply to XA, nor XS

2 New in version 3.8.0 © 2010 IBM Corporation

� Use a xformbin action to transform the binary data.

xi50(config action xformbin_txmap)# show

xi50(config action xformbin_txmap)#

3 New in version 3.8.0 © 2010 IBM Corporation

� Only http:// and https:// are supported.

xi50(config xmlmgr default)# show

maxdocs 200 documents

size 1000000 bytes

policy *.dpa protocol 0 128

user-agent remote-dpa-https-user-agent [up]

xi50(config xmlmgr default)#

4 New in version 3.8.0 © 2010 IBM Corporation

� This provides High Availability when Oracle Database is used

5 New in version 3.8.0 © 2010 IBM Corporation

� RAC is Oracle's version of DB2/Z Sysplex

6 New in version 3.8.0 © 2010 IBM Corporation

7 New in version 3.8.0 © 2010 IBM Corporation

Normal database connection RAC connection

8 New in version 3.8.0 © 2010 IBM Corporation

The left side is DataPower's pre-3.8.0 perspective of an Oracle database; referenced

9 New in version 3.8.0 © 2010 IBM Corporation

The ServiceName is a layer of indirection in the Oracle configuration to map a single

� “Oracle Identifier Type” is new

10 New in version 3.8.0 © 2010 IBM Corporation

� Depending on the RAC configuration, DataPower may need extra info

11 New in version 3.8.0 © 2010 IBM Corporation

The “AlternateServers” configuration option may be necessary to explicitly tell DataPower

� Deployment Policy editor helps you configure the property to be affected

12 New in version 3.8.0 © 2010 IBM Corporation

13 New in version 3.8.0 © 2010 IBM Corporation

<WSDLSourceLocation>local:///b.wsdl</WSDLSourceLocation> <!– index -->

Resulting configuration from applying previous SOMA request in 3.8.0

<!– a.wsdl from the original config -->

<WSDLSourceLocation>local:///a.wsdl</WSDLSourceLocation> <!– index -->

<!– b.wsdl added -->

<WSDLSourceLocation>local:///b.wsdl</WSDLSourceLocation> <!– index -->

� all-domains {enabled | disabled}

domains is interfering with the operation of the appliance.

14 New in version 3.8.0 © 2010 IBM Corporation

� Pre-3.8.0: Administrator responsible for configuring processing policy to handle segmented

15 New in version 3.8.0 © 2010 IBM Corporation

� Configuring using Web GUI

16 New in version 3.8.0 © 2010 IBM Corporation

� If both back end and front end are IMS

17 New in version 3.8.0 © 2010 IBM Corporation

18 New in version 3.8.0 © 2010 IBM Corporation

� Configure using WebGUI to expect LLLL response header

19 New in version 3.8.0 © 2010 IBM Corporation

� Before 3.8.0 the limit was 32

20 New in version 3.8.0 © 2010 IBM Corporation

WS-Proxy support of non-HTTP backend (1 of 3)

21 New in version 3.8.0 © 2010 IBM Corporation

22 New in version 3.8.0 © 2010 IBM Corporation

� Screen capture of the WS-Proxy WebGUI support

23 New in version 3.8.0 © 2010 IBM Corporation