IBM BPM, V8.0.1, All platforms > Securing IBM BPM and applications > Configure administrative and application security
Configure application security
Applications deployed to your IBM BPM instance require security to be built into them which will later be applied at run time.
The applications that you host in your IBM BPM environment perform many business critical functions that require security. Some applications will access, transfer, or alter sensitive information (for example, payroll information or credit card details). Others will perform billing or inventory management. The security of these applications is vitally important.
Important: Application security is required by IBM BPM and must not be turned off in the administrative console.
Secure your applications by doing the following:
Procedure
- Ensure that administrative security is enabled.
- Ensure that application security is enabled.
- On the administrative console, expand Security and click Global security.
- Select Enable application security so that IBM BPM will require authentication from users who try to access a secured application.
- Develop your applications in Integration Designer using all appropriate security features.
- Deploy your applications to your IBM BPM environment, assigning users or groups to appropriate security roles.
- Maintain the security of your IBM BPM environment.
-
Enabling security for additional components
When a profile is created, default values are used for security credentials. After the profile is created, the security settings can be configured using the administrative console. -
Augmenting IBM BPM profiles with security
You can take steps to secure your environment when you augment the WebSphere Application Server for z/OS default profile with IBM BPM security profile data. Alternatively you can provide the same information on the administrative console after you augment the profile.
Configure administrative and application security
Related tasks:
Configure administrative and application security