Security Definition

Security

Configuration of global security settings for a managed domain.

Attributes Summary

useLocalSecurityServer Specifies whether an appserver should uses a locla instance of security server or to use the security server in the node agent on the local node, on a remote node, or in cell manager, in that order.

useDomainQualifiedUserNames When true, user names returned by getUserPrincipal()-like calls, will be qualified with the security domain they reside within.

enabled Whether global security is enabled.

cacheTimeout Number of milliseconds after which the authentication cache will be refreshed.

issuePermissionWarning If enabld, warning will be issued during application installation if an application requires some Java 2 Permission's that normally should not be granted to applications.

allowAllPermissionForApplication Not in use.

activeProtocol Specifies active IIOP security authentication protocol when security is enabled.

enforceJava2Security When set to true, WebSphere will enforce Java 2 Security permission checking.

enableJava2SecRuntimeFiltering Enable Java 2 Security Permission runtime filtering.

activeAuthMechanism The authentication mechanism that will be used when WebSphere Application Server security is enabled.

authMechanisms A list of authentication mechanisms configured in the system.

userRegistries The config for a registry of users defined in the system.

activeUserRegistry Specifies the active User Registry when security is enabled.

authConfig Not in use.

applicationLoginConfig Specifies a list of JAAS login config to be used by application code including EJBs, JSPs, Servlets, and Resource Adpapters.

CSI Specifies config of the OMG CSIv2 security protocol.

IBM Specifies config of the IBM SAS security protocol that is used by WebSphere 3.

repertoire Specifies a list of SSL configs.

systemLoginConfig Specifies a list of JAAS login config to be used by system resources including authentication mechanism and principal and credential mapping.

authDataEntries Specifies a list of userid and password for use by Java 2 Connector default principal mapping module and by DataSource.

defaultSSLSettings Specify a config for using Secure Sockets Layer (SSL) support, such as the security level and whether SSL support is enabled.

authorizationTableImpl Not used and may be removed in a future release.

roleBasedAuthorization Specifies a list of system components that use the generalized Role Based Authorization for access control.

properties One usage of the properties list is for backward compatibility with previous releases of WebSphere products.

Attribute Details

useLocalSecurityServer
Specifies whether an appserver should uses a locla instance of security server or to use the security server in the node agent on the local node, on a remote node, or in cell manager, in that order.

Data type: Boolean
Default value: unspecified

useDomainQualifiedUserNames
When true, user names returned by getUserPrincipal()-like calls, will be qualified with the security domain they reside within.

Data type: Boolean
Default value: unspecified

enabled
Whether global security is enabled. When security is not enabled, all other security settings are ignored.

Data type: Boolean
Default value: unspecified

cacheTimeout
Number of milliseconds after which the authentication cache will be refreshed. Caching can improve performance with respect to authorization lookups.

Data type: Integer
Default value: unspecified

issuePermissionWarning
If enabld, warning will be issued during application installation if an application requires some Java 2 Permission's that normally should not be granted to applications. The filter.policy file contains a list of permissions that applications should not have according to J2EE 1.3 Specification.

Data type: Boolean
Default value: unspecified

allowAllPermissionForApplication
Not in use. May be removed in a future release.

Data type: Boolean
Default value: unspecified

activeProtocol
Specifies active IIOP security authentication protocol when security is enabled. Possible values are CSI (CSIv2), IBM, or BOTH.
data type:
Default value: unspecified

enforceJava2Security
When set to true, WebSphere will enforce Java 2 Security permission checking. When set to false, WebSphere Java 2 Security Manager will not be installed and all Java 2 Security permission checking is disabled.

Data type: Boolean
Default value: unspecified

enableJava2SecRuntimeFiltering
Enable Java 2 Security Permission runtime filtering. Runtime filtering is enabled by default. It is strongly recommended not to disable runtime permission filtering.

Data type: Boolean
Default value: unspecified

activeAuthMechanism
The authentication mechanism that will be used when WebSphere Application Server security is enabled.

Data type: AuthMechanism

authMechanisms
A list of authentication mechanisms configured in the system. Only one of the authentication mechanisms can be active in the system at a time.

Data type: AuthMechanism

userRegistries
The config for a registry of users defined in the system. There may many types of user registries. User registry config is required at the time that sercurity config is enabled. The default type of user registry is Local Operating System (because the default authentication mechanism is LocalOSAuthentication).

Data type: UserRegistry

activeUserRegistry
Specifies the active User Registry when security is enabled.

Data type: UserRegistry

authConfig
Not in use. Reserved by IBM for Future Use.

Data type: AuthorizationConfig

applicationLoginConfig
Specifies a list of JAAS login config to be used by application code including EJBs, JSPs, Servlets, and Resource Adpapters.

Data type: JAASConfiguration

CSI
Specifies config of the OMG CSIv2 security protocol.

Data type: IIOPSecurityProtocol

IBM
Specifies config of the IBM SAS security protocol that is used by WebSphere 3.x and 4.x appserver products.

Data type: IIOPSecurityProtocol

repertoire
Specifies a list of SSL configs.

Data type: SSLConfig

systemLoginConfig
Specifies a list of JAAS login config to be used by system resources including authentication mechanism and principal and credential mapping.

Data type: JAASConfiguration

authDataEntries
Specifies a list of userid and password for use by Java 2 Connector default principal mapping module and by DataSource.

Data type: JAASAuthData

defaultSSLSettings
Specify a config for using Secure Sockets Layer (SSL) support, such as the security level and whether SSL support is enabled.

Data type: SSLConfig

authorizationTableImpl
Not used and may be removed in a future release.

Data type: AuthorizationTableImpl

roleBasedAuthorization
Specifies a list of system components that use the generalized Role Based Authorization for access control.

Data type: RoleBasedAuthorization

properties
One usage of the properties list is for backward compatibility with previous releases of WebSphere products.

Data type: Property

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.

IBM is a trademark of the IBM Corporation in the United States, other countries, or both.

Attributes Summary
useLocalSecurityServer	Specifies whether an appserver should uses a locla instance of security server or to use the security server in the node agent on the local node, on a remote node, or in cell manager, in that order.
useDomainQualifiedUserNames	When true, user names returned by getUserPrincipal()-like calls, will be qualified with the security domain they reside within.
enabled	Whether global security is enabled.
cacheTimeout	Number of milliseconds after which the authentication cache will be refreshed.
issuePermissionWarning	If enabld, warning will be issued during application installation if an application requires some Java 2 Permission's that normally should not be granted to applications.
allowAllPermissionForApplication	Not in use.
activeProtocol	Specifies active IIOP security authentication protocol when security is enabled.
enforceJava2Security	When set to true, WebSphere will enforce Java 2 Security permission checking.
enableJava2SecRuntimeFiltering	Enable Java 2 Security Permission runtime filtering.
activeAuthMechanism	The authentication mechanism that will be used when WebSphere Application Server security is enabled.
authMechanisms	A list of authentication mechanisms configured in the system.
userRegistries	The config for a registry of users defined in the system.
activeUserRegistry	Specifies the active User Registry when security is enabled.
authConfig	Not in use.
applicationLoginConfig	Specifies a list of JAAS login config to be used by application code including EJBs, JSPs, Servlets, and Resource Adpapters.
CSI	Specifies config of the OMG CSIv2 security protocol.
IBM	Specifies config of the IBM SAS security protocol that is used by WebSphere 3.
repertoire	Specifies a list of SSL configs.
systemLoginConfig	Specifies a list of JAAS login config to be used by system resources including authentication mechanism and principal and credential mapping.
authDataEntries	Specifies a list of userid and password for use by Java 2 Connector default principal mapping module and by DataSource.
defaultSSLSettings	Specify a config for using Secure Sockets Layer (SSL) support, such as the security level and whether SSL support is enabled.
authorizationTableImpl	Not used and may be removed in a future release.
roleBasedAuthorization	Specifies a list of system components that use the generalized Role Based Authorization for access control.
properties	One usage of the properties list is for backward compatibility with previous releases of WebSphere products.