WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring UDDI Security with WebSphere Application Server security enabled

Why and when to perform this task

When WebSphere Application Server security is enabled, to use the UDDI Version 1 and Version 2 publish security features (use of authentication tokens) or the UDDI Version 3 security API, use the administrative console to complete the following steps:

Steps for this task

  1. In the navigation pane, click Applications > Enterprise Applications.
  2. In the content pane, click the UDDI Registry application. Under Additional Properties on the right hand side, click Map security roles to users/groups.
  3. Set the WebSphere Application Server security role mappings to Everyone for the following UDDI services:
    • Versions 1 and 2 SOAP publish service (SOAP_Publish _User)
    • Version 3 publish service (V3SOAP_Publish_User_Role)
    • Version 3 custody transfer service (V3SOAP_CustodyTransfer_User_Role)
    • Version 3 security service (V3SOAP_Security_User_Role)
    Changing the role mappings to Everyone prevents WebSphere Application Server security from overriding UDDI security.
  4. Ensure that UDDI Policy is set to require the use of authentication tokens for the UDDI Version 3 Publish and Custody Transfer services (use of authentication tokens is already required for Version 1 and Version 2 Publish services). To do this, click UDDI > UDDI Nodes > uddi_node_name, and under Policy Groups click APIs. Select the Authorization for publish and Authorization for custody transfer check boxes. (Select the Authorization for inquiry check box if you require authentication for UDDI Inquiry services).
  5. Click OK.

Result

With this configuration, no Security Role authentication restriction is imposed, but the credentials (user name and password) associated with the authentication token are authenticated by WebSphere Application Server.

Note: When WebSphere Application Server security is enabled, WebSphere Application Server data confidentiality management is independent of UDDI security and is managed as described in Configuring the UDDI Registry to use WebSphere Application Server security.



Related tasks
Configuring UDDI Security with WebSphere Application Server security disabled

Related reference
Security API for the UDDI Version 3 Registry

Task topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/twsu_uddisecurity1.html

© Copyright IBM Corporation 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)