The DS2 HTTP package
supports HTTP and HTTPS endpoints. The configuration of SAS Micro
Analytic Service defines the SSLCALISTLOC environment variable, which
specifies the location of the digital certificates for trusted certificate
authorities.
The SSLCALISTLOC environment
variable is defined in a host-specific configuration script that is
located in the application server's bin directory. For example,
a UNIX platform SAS-configuration-directory/LevN/Web/WebAppServer/SASServer13_1/bin/setenv.sh defines
SSLCALISTLOC with a value of SSLCALISTLOC=$JRE_HOME/../../../SASSecurityCertificateFramework/1.1/cacerts/trustedcerts.pem.
For more information about SSLCALISTLOC, see Encryption
in SAS 9.4.
When an HTTP endpoint
requires client authentication, it responds to the client with its
list of supported authentication mechanisms. The DS2 HTTP package
currently supports two of the three most common authentication mechanisms.
It supports Basic and Negotiate, but does not support the Digest mechanism.
Because Basic authentication in itself does not provide any credential
confidentiality, it should be used only when the data is being encrypted
through TLS. The DS2 HTTP package does not provide an interface allowing
the user to specify credentials, other than including them in the
URL. An example is http://username:password@example.com/. The Negotiate
mechanism supports Kerberos and, when it is used on Windows, NTLM
is also supported. For more information, see “Using the HTTP
Package” in SAS 9.4 DS2 Language Reference.