Configure UDDI Security with WAS security disabled

Configure UDDI Security with WAS security disabled

We can configure the UDDI registry to use the UDDI Version 3 security API or the UDDI Version 1 and Version 2 publish security features. When WAS security is disabled, WAS security roles and data confidentiality constraints do not apply.
WAS security must be disabled.

We can configure the UDDI registry to use the UDDI security features with WAS security disabled for test purposes. It is not advisable to use this type of configuration for production purposes.
For UDDI Version 1 and Version 2 security, the following features are active and do not require further configuration:

UDDI Version 1 and Version 2 publish requests require UDDI Version 1 and Version 2 authentication tokens respectively. Publishers that request or use an authentication token must be registered WebSphere Application Server users.

UDDI Version 1 and Version 2 inquiry requests do not require authentication tokens.

For UDDI Version 3, configure the UDDI registry to use the UDDI Version 3 Security API, or to use authentication tokens with the Version 3 Publish and Custody Transfer APIs.
To configure the UDDI registry to use the UDDI Version 3 security features, you use the console.

Click UDDI > UDDI Nodes > uddi_node.

In the General Properties section, select Use authInfo credentials if provided to specify that the authInfo contents in UDDI API requests are used to validate users.

Click OK.

Results
Authentication tokens are required for publish requests and custody transfer requests, but not for inquiry requests. Publishers that request or use an authentication token must be registered WebSphere Application Server users.

Next topic: UDDI registry security and UDDI registry settings

Related tasks

Configure UDDI security with WAS security enabled

Security API for the UDDI Version 3 registry