Configure UDDI registry security

The UDDI Version 3 registry uses the advantages of WAS security. The UDDI registry also supports the UDDI Version 3 Security API and the UDDI Version 1 and Version 2 security features.

For production use, it is advisable to configure the UDDI Version 3 registry to use WAS security. However, it is possible to configure the UDDI registry to use the UDDI security features if this is a requirement.

We can configure the UDDI registry to use the UDDI Version 3 security API or the UDDI Version 1 and Version 2 publish security features. For production use, we can configure the UDDI registry to use the UDDI security features with WAS security enabled. For test use, we can configure the UDDI registry to use the UDDI security features with WAS security disabled. Do not configure the UDDI registry to use the UDDI security features with WAS security disabled for production use.

To configure UDDI registry security...

1. Use one of the following procedures, depending on the type of configuration to set up:

   • Configure the UDDI registry to use WAS security.

   • Configure UDDI Security with WAS security enabled.

   • Configure UDDI Security with WAS security disabled.

2. Review the UDDI registry security and UDDI registry settings.

Subtopics

• Configure the UDDI registry to use WAS security
  We can configure the UDDI registry to determine whether users are allowed access to services, and to determine security of data at the transport level.

• Configure UDDI security with WAS security enabled
  We can configure the UDDI registry to use the UDDI Version 3 security API or the UDDI Version 1 and Version 2 publish security features. Because WAS security is enabled, WebSphere Application Server data confidentiality management is independent of UDDI security.

• Configure UDDI Security with WAS security disabled
  We can configure the UDDI registry to use the UDDI Version 3 security API or the UDDI Version 1 and Version 2 publish security features. When WAS security is disabled, WAS security roles and data confidentiality constraints do not apply.

• Access control for UDDI registry interfaces
  Access to UDDI registry interfaces is controlled by a combination of Java™ Platform, Enterprise Edition (Java EE) declarative security that uses role mappings, and UDDI properties and policies, such as registering users as UDDI publishers.

• UDDI registry security and UDDI registry settings
  In addition to the configuration of UDDI registry security, other UDDI registry settings can affect the security of the UDDI registry.

Security API for the UDDI Version 3 registry