+

Search Tips   |   Advanced Search

Configuring UDDI security with WAS security enabled

We can configure the UDDI registry to use the UDDI Version 3 security API or the UDDI Version 1 and Version 2 publish security features. Because WAS security is enabled, WebSphere Application Server data confidentiality management is independent of UDDI security.

WAS security must be enabled.

We can configure the UDDI registry to use the UDDI security features if this is a requirement. However, for production use, another option is to configure the UDDI Version 3 registry to use WAS security.

The UDDI Version 1 and Version 2 publish security features involve the use of authentication tokens.

To configure the UDDI registry to use the UDDI security features, you use the console.

  1. In the navigation pane of the console, click Applications > Application Types > WebSphere enterprise applications.

  2. In the content pane, click the UDDI registry application.

  3. Under Detail Properties, click Security role to user/group mapping.

  4. Set the WAS security role mappings to Everyone for the following UDDI services:

    • Versions 1 and 2 SOAP publish service (SOAP_Publish _User)

    • Version 3 publish service (V3SOAP_Publish_User_Role)

    • Version 3 custody transfer service (V3SOAP_CustodyTransfer_User_Role)

    • Version 3 security service (V3SOAP_Security_User_Role)

    This change to the role mappings ensures that WAS security cannot override UDDI security.

  5. For the UDDI Version 3 Publish and Custody Transfer services, ensure that the UDDI Policy is set to require the use of authentication tokens. The use of authentication tokens is already required for Version 1 and Version 2 Publish services.

    1. Click UDDI > UDDI Nodes > uddi_node > [Policy Groups] API policies.

    2. Select Authorization for publish and Authorization for custody transfer .

    3. Optional: If we require authentication for UDDI Inquiry services, select Authorization for inquiry .

    4. Click OK.


Results

After the configuration is complete, WebSphere Application Server authenticates the credentials (user name and password) associated with the authentication token. No Security Role authentication restriction is imposed.

For details of WAS data confidentiality management, see the topic about configuring the UDDI registry to use WAS security.


Next topic: UDDI registry security and UDDI registry settings


Related tasks

  • Configure UDDI Security with WAS security disabled
  • Configure the UDDI registry to use WAS security

  • Security API for the UDDI Version 3 registry