Standalone custom registry settings
Use this page to configure the standalone custom registry. To view this console page...
Security | Secure administration, applications, and infrastructure | User account repository | Available realm definitions | Standalone custom registry | ConfigureAfter the properties are set in this panel, click Apply. Under Additional Properties, click Custom properties to include additional properties that the custom user registry requires.
Note that custom properties might include information such as specifying lists of users or groups.
When security is enabled and any of these custom user registry settings change, go to the Secure administration, applications, and infrastructure panel and click Apply to validate the changes.
WAS V6.1 distinguishes between the user identities for administrators who manage the environment and server identities for authenticating server to server communications. In most cases, server identities are automatically generated and are not stored in a repository. However, if you are adding a V5.0.x or 6.0.x node to a V6.1 cell, ensure that the V5.x or V6.0.x server identity and password are defined in the repository for this cell. Enter the server user identity and password on this panel.
Configuration tab
- Primary administrative user name
- Name of a user with administrative privileges defined in the custom user registry.
The user name is used to log onto the console when administrative security is enabled. V6.1 requires an administrative user that is distinct from the server user identity so that administrative actions can be audited.
In WAS v 5.x and 6.0.x, a single user identity is required for both administrative access and internal process communication. When migrating to V6.1, this identity is used as the server user identity. We need to specify another user for the administrative user identity.
- Automatically generated server identity
- Enable the appserver to generate the server identity, which is recommended for environments that contain only V6.1 or later nodes. Automatically generated server identities are not stored in a user repository.
To change the server identity go to...
Security | Secure administration, applications, and infrastructure | Authentication mechanisms and expirationChange the value of the Internal server ID field.
Default: Disabled - Server identity that is stored in the repository
- User identity in the repository used for internal process communication. Cells that contain V5.x or 6.0.x nodes require a server user identity that is defined in the active user repository.
Default: Enabled
- Server user ID or administrative user on a V6.0.x node
User ID that is used to run the appserver for security purposes.
- Password
Password that corresponds to the server ID.
- Custom registry class name
- Dot-separated class name that implements the interface...
com.ibm.websphere.security.UserRegistryPut the custom registry class name in the class path. A suggested location...
%install_root%/lib/ext
Data type: String Default: com.ibm.websphere.security.FileRegistrySample
- Ignore case for authorization
Indicates that a case-insensitive authorization check is performed when you use the default authorization.
Default: Disabled Range: Enabled or Disabled
Related tasks
Configure standalone custom registries
Related Reference
getRemoteUser and getAuthType methods
Standalone custom registry wizard settings