SecurityCommon
This type is a class for model objects.
Configuration of global security settings for a managed domain.
Package: security
Known subtypes:
Security
AppSecurity
Classifier ID: -1
Instance class name: * Unspecified *
Instance class: * Unspecified *
Attributes Summary useLocalSecurityServer : EBoolean Specifies whether an application server should uses a locla instance of security server or to use the security server in the node agent on the local node, on a remote node, or in cell manager, in that order. useDomainQualifiedUserNames : EBoolean When true, user names returned by getUserPrincipal()-like calls, will be qualified with the security domain they reside within. enabled : EBoolean Whether global security is enabled. When security is not enabled, all other security settings are ignored. cacheTimeout : EInt Number of milliseconds after which the authentication cache will be refreshed. Caching can improve performance with respect to authorization lookups. issuePermissionWarning : EBoolean If enabld, warning will be issued during application installation if an application requires some Java 2 Permission's that normally should not be granted to applications. The filter.policy file contains a list of permissions that applications should not have according to J2EE 1.3 Specification. allowAllPermissionForApplication : EBoolean Not in use. May be removed in a future release. activeProtocol : IIOPSecurityProtocolKind Specifies active IIOP security authentication protocol when security is enabled. Possible values are CSI (CSIv2), IBM, or BOTH. enforceJava2Security : EBoolean When set to true, WebSphere will enforce Java 2 Security permission checking. When set to false, WebSphere Java 2 Security Manager will not be installed and all Java 2 Security permission checking is disabled. enableJava2SecRuntimeFiltering : EBoolean Enable Java 2 Security Permission runtime filtering. Runtime filtering is enabled by default. It is strongly recommended not to disable runtime permission filtering. enforceFineGrainedJCASecurity : EBoolean Enable fine grained access control when looking up user id and password using the WSPrincipalMappingLoginModule in a programatic JAAS login in application code. appEnabled : EBoolean This system flag will be set to true by WebSphere when secure applications were detected dynamicallyUpdateSSLConfig : EBoolean * No description is available * internalServerId : EString This is the Server ID use internally by WAS allowBasicAuth : EBoolean Specify if Basic Auth is allow or not. activeAuthMechanism : AuthMechanism @ The authentication mechanism that will be used when WebSphere Application Server security is enabled. authMechanisms : AuthMechanism * A list of authentication mechanisms configured in the system. Only one of the authentication mechanisms can be active in the system at a time. userRegistries : UserRegistry * The configuration for a registry of users defined in the system. There may many types of user registries. User registry configuration is required at the time that sercurity configuration is enabled. The default type of user registry is Local Operating System (because the default authentication mechanism is LocalOSAuthentication). activeUserRegistry : UserRegistry @ Specifies the active User Registry when security is enabled. authConfig : AuthorizationConfig @ Not in use. Reserved by IBM for Future Use. applicationLoginConfig : JAASConfiguration @ Specifies a list of JAAS login configuration to be used by application code including EJBs, JSPs, Servlets, and Resource Adpapters. CSI : IIOPSecurityProtocol @ Specifies configuration of the OMG CSIv2 security protocol. IBM : IIOPSecurityProtocol @ Specifies configuration of the IBM SAS security protocol used by WebSphere 3.x and 4.x application server products. repertoire : SSLConfig * Specifies a list of SSL configurations. systemLoginConfig : JAASConfiguration @ Specifies a list of JAAS login configuration to be used by system resources including authentication mechanism and principal and credential mapping. authDataEntries : JAASAuthData * Specifies a list of userid and password for use by Java 2 Connector default principal mapping module and by DataSource. defaultSSLSettings : SSLConfig @ Specify a configuration for using SSL support, such as the security level and whether SSL support is enabled. authorizationTableImpl : AuthorizationTableImpl @ Not used and may be removed in a future release. roleBasedAuthorization : RoleBasedAuthorization * Specifies a list of system components that use the generalized Role Based Authorization for access control. additionalSecAttrs : DescriptiveProperty * * No description is available * webAuthAttrs : DescriptiveProperty * * No description is available * managementScopes : ManagementScope * * No description is available * keyStores : KeyStore * * No description is available * trustManagers : TrustManager * * No description is available * keyManagers : KeyManager * * No description is available * keySetGroups : KeySetGroup * * No description is available * keySets : KeySet * * No description is available * wsPasswords : WSPassword * * No description is available * wsPasswordEncryptions : WSPasswordEncryption * * No description is available * wsPasswordLocators : WSPasswordLocator * * No description is available * wsSchedules : WSSchedule * * No description is available * wsNotifications : WSNotification * * No description is available * wsCertificateExpirationMonitor : WSCertificateExpirationMonitor @ * No description is available * sslConfigGroups : SSLConfigGroup * * No description is available * dynamicSSLConfigSelections : DynamicSSLConfigSelection * * No description is available * caClients : CAClient * * No description is available * auditPolicy : AuditPolicy @ * No description is available * wsSecurityScannerMonitor : WSSecurityScannerMonitor @ * No description is available * properties : Property * One usage of the properties list is for backward compatibility with previous releases of WebSphere products. auditSpecifications : AuditSpecification * * No description is available * outboundTrustedAuthenticationRealm : TrustedAuthenticationRealm @ * No description is available * inboundTrustedAuthenticationRealm : TrustedAuthenticationRealm @ * No description is available * certificates : Certificate * * No description is available * dynamicReload : DynamicReload @ * No description is available *
Attribute Details
useLocalSecurityServer - Specifies whether an application server should uses a locla instance of security server or to use the security server in the node agent on the local node, on a remote node, or in cell manager, in that order.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
useDomainQualifiedUserNames - When true, user names returned by getUserPrincipal()-like calls, will be qualified with the security domain they reside within.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
enabled - Whether global security is enabled. When security is not enabled, all other security settings are ignored.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
cacheTimeout - Number of milliseconds after which the authentication cache will be refreshed. Caching can improve performance with respect to authorization lookups.
Data Type: EInt
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
issuePermissionWarning - If enabld, warning will be issued during application installation if an application requires some Java 2 Permission's that normally should not be granted to applications. The filter.policy file contains a list of permissions that applications should not have according to J2EE 1.3 Specification.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
allowAllPermissionForApplication - Not in use. May be removed in a future release.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
activeProtocol - Specifies active IIOP security authentication protocol when security is enabled. Possible values are CSI (CSIv2), IBM, or BOTH.
Data Type: IIOPSecurityProtocolKind
Default value: unspecified
Allowed values:
0 - IBM
1 - CSI
2 - BOTH
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
enforceJava2Security - When set to true, WebSphere will enforce Java 2 Security permission checking. When set to false, WebSphere Java 2 Security Manager will not be installed and all Java 2 Security permission checking is disabled.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
enableJava2SecRuntimeFiltering - Enable Java 2 Security Permission runtime filtering. Runtime filtering is enabled by default. It is strongly recommended not to disable runtime permission filtering.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
enforceFineGrainedJCASecurity - Enable fine grained access control when looking up user id and password using the WSPrincipalMappingLoginModule in a programatic JAAS login in application code.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
appEnabled - This system flag will be set to true by WebSphere when secure applications were detected
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
dynamicallyUpdateSSLConfig - * No description is available *
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
internalServerId - This is the Server ID use internally by WAS
Data Type: EString
Default value: unspecified
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
allowBasicAuth - Specify if Basic Auth is allow or not.
Data Type: EBoolean
Default value: unspecified
Required: false
Changeable: true
Unsettable: true
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
activeAuthMechanism - The authentication mechanism that will be used when WebSphere Application Server security is enabled.
Reference Type: AuthMechanism @
Containment: false
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
authMechanisms - A list of authentication mechanisms configured in the system. Only one of the authentication mechanisms can be active in the system at a time.
Reference Type: AuthMechanism *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
userRegistries - The configuration for a registry of users defined in the system. There may many types of user registries. User registry configuration is required at the time that sercurity configuration is enabled. The default type of user registry is Local Operating System (because the default authentication mechanism is LocalOSAuthentication).
Reference Type: UserRegistry *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
activeUserRegistry - Specifies the active User Registry when security is enabled.
Reference Type: UserRegistry @
Containment: false
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
authConfig - Not in use. Reserved by IBM for Future Use.
Reference Type: AuthorizationConfig @
Containment: true
Container: false
Required: true
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 1
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
applicationLoginConfig - Specifies a list of JAAS login configuration to be used by application code including EJBs, JSPs, Servlets, and Resource Adpapters.
Reference Type: JAASConfiguration @
Containment: true
Container: false
Required: true
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 1
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
CSI - Specifies configuration of the OMG CSIv2 security protocol.
Reference Type: IIOPSecurityProtocol @
Containment: true
Container: false
Required: true
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 1
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
IBM - Specifies configuration of the IBM SAS security protocol used by WebSphere 3.x and 4.x application server products.
Reference Type: IIOPSecurityProtocol @
Containment: true
Container: false
Required: true
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 1
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
repertoire - Specifies a list of SSL configurations.
Reference Type: SSLConfig *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
systemLoginConfig - Specifies a list of JAAS login configuration to be used by system resources including authentication mechanism and principal and credential mapping.
Reference Type: JAASConfiguration @
Containment: true
Container: false
Required: true
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 1
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
authDataEntries - Specifies a list of userid and password for use by Java 2 Connector default principal mapping module and by DataSource.
Reference Type: JAASAuthData *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
defaultSSLSettings - Specify a configuration for using SSL support, such as the security level and whether SSL support is enabled.
Reference Type: SSLConfig @
Containment: false
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
authorizationTableImpl - Not used and may be removed in a future release.
Reference Type: AuthorizationTableImpl @
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
roleBasedAuthorization - Specifies a list of system components that use the generalized Role Based Authorization for access control.
Reference Type: RoleBasedAuthorization *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
additionalSecAttrs - * No description is available *
Reference Type: DescriptiveProperty *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
webAuthAttrs - * No description is available *
Reference Type: DescriptiveProperty *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
managementScopes - * No description is available *
Reference Type: ManagementScope *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
keyStores - * No description is available *
Reference Type: KeyStore *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
trustManagers - * No description is available *
Reference Type: TrustManager *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
keyManagers - * No description is available *
Reference Type: KeyManager *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
keySetGroups - * No description is available *
Reference Type: KeySetGroup *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
keySets - * No description is available *
Reference Type: KeySet *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
wsPasswords - * No description is available *
Reference Type: WSPassword *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
wsPasswordEncryptions - * No description is available *
Reference Type: WSPasswordEncryption *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
wsPasswordLocators - * No description is available *
Reference Type: WSPasswordLocator *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
wsSchedules - * No description is available *
Reference Type: WSSchedule *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
wsNotifications - * No description is available *
Reference Type: WSNotification *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
wsCertificateExpirationMonitor - * No description is available *
Reference Type: WSCertificateExpirationMonitor @
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
sslConfigGroups - * No description is available *
Reference Type: SSLConfigGroup *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
dynamicSSLConfigSelections - * No description is available *
Reference Type: DynamicSSLConfigSelection *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
caClients - * No description is available *
Reference Type: CAClient *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
auditPolicy - * No description is available *
Reference Type: AuditPolicy @
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
wsSecurityScannerMonitor - * No description is available *
Reference Type: WSSecurityScannerMonitor @
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
properties - One usage of the properties list is for backward compatibility with previous releases of WebSphere products.
Reference Type: Property *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
auditSpecifications - * No description is available *
Reference Type: AuditSpecification *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
outboundTrustedAuthenticationRealm - * No description is available *
Reference Type: TrustedAuthenticationRealm @
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
inboundTrustedAuthenticationRealm - * No description is available *
Reference Type: TrustedAuthenticationRealm @
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
certificates - * No description is available *
Reference Type: Certificate *
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: true
Ordered: true
Lower bound: 0
Upper bound: Unbounded
Unique: true
Derived: false
Transient: false
Volatile: false
dynamicReload - * No description is available *
Reference Type: DynamicReload @
Containment: true
Container: false
Required: false
Changeable: true
Unsettable: false
Many: false
Ordered: true
Lower bound: 0
Upper bound: 1
Unique: true
Derived: false
Transient: false
Volatile: false
(C) COPYRIGHT International Business Machines Corp. 1996-2006