+

Search Tips   |   Advanced Search

Set UDDI security with WebSphere Application WAS security enabled


Configure the UDDI registry to use the UDDI V 3 security API or the UDDI V1 and V2 publish security features. Because WAS security is enabled, WAS data confidentiality management is independent of UDDI security.

WAS security must be enabled.

Configure the UDDI registry to use the UDDI security features if this is a requirement. However, for production use, another option is to configure the UDDI V3 registry to use WAS security.

The UDDI V1 and V2 publish security features involve the use of authentication tokens.

To configure the UDDI registry to use the UDDI security features, you use the admin console.

 

  1. In the navigation pane of the admin console, click Applications > Application Types > WebSphere enterprise apps.

  2. In the content pane, click the UDDI registry application.

  3. Under Detail Properties, click Security role to user/group mapping.

  4. Set the WAS security role mappings to Everyone for the following UDDI services:

    • Versions 1 and 2 SOAP publish service (SOAP_Publish _User)

    • Version 3 publish service (V3SOAP_Publish_User_Role)

    • Version 3 custody transfer service (V3SOAP_CustodyTransfer_User_Role)

    • Version 3 security service (V3SOAP_Security_User_Role)

    This change to the role mappings ensures that WAS security cannot override UDDI security.

  5. For the UDDI V3 Publish and Custody Transfer services, verify the UDDI Policy is set to require the use of authentication tokens. The use of authentication tokens is already required for V 1 and V2 Publish services.

    1. Click UDDI > UDDI Nodes > uddi_node_name > [Policy Groups] API policies.

    2. Select Authorization for publish and Authorization for custody transfer .

    3. If we require authentication for UDDI Inquiry services, select Authorization for inquiry .

    4. Click OK.

 

Results

After the configuration is complete, WAS authenticates the credentials (user name and password) that are associated with the authentication token. No Security Role authentication restriction is imposed.

For details of WAS data confidentiality management, see Set the UDDI registry to use WAS security.

Next topic: UDDI registry security and UDDI registry settings

 

Related tasks


Set UDDI Security with WAS security disabled
Set the UDDI registry to use WAS security
Set UDDI registry security

 

Related


Security API for the UDDI V3 registry