WAS v8.5 > Secure applications > Secure web services

Configure UDDI registry security

The UDDI v3 registry uses the advantages of WebSphere Application Server security. The UDDI registry also supports the UDDI v3 Security API and the UDDI v1 and v2 security features.

For production use, it is advisable to configure the UDDI v3 registry to use WAS security. However, it is possible to configure the UDDI registry to use the UDDI security features if this is a requirement.

We can configure the UDDI registry to use the UDDI v3 security API or the UDDI v1 and v2 publish security features. For production use, we can configure the UDDI registry to use the UDDI security features with WAS security enabled. For test use, we can configure the UDDI registry to use the UDDI security features with WAS security disabled. Do not configure the UDDI registry to use the UDDI security features with WAS security disabled for production use.

To configure UDDI registry security...

1. Use one of the following procedures, depending on the type of configuration to set up:
   • Configure the UDDI registry to use WAS security.
   • Configure UDDI Security with WAS security enabled.
   • Configure UDDI Security with WAS security disabled.

2. Review the UDDI registry security and UDDI registry settings.

Subtopics

• Configure the UDDI registry to use WAS security
  We can configure the UDDI registry to determine whether users are allowed access to services, and to determine security of data at the transport level.
• Configure UDDI security with WAS security enabled
  We can configure the UDDI registry to use the UDDI v3 security API or the UDDI v1 and v2 publish security features. Because WAS security is enabled, WAS data confidentiality management is independent of UDDI security.
• Configure UDDI Security with WAS security disabled
  We can configure the UDDI registry to use the UDDI v3 security API or the UDDI v1 and v2 publish security features. When WAS security is disabled, WAS security roles and data confidentiality constraints do not apply.
• Access control for UDDI registry interfaces
  Access to UDDI registry interfaces is controlled by a combination of Java™ Platform, Enterprise Edition (Java EE) declarative security that uses role mappings, and UDDI properties and policies, such as registering users as UDDI publishers.
• UDDI registry security and UDDI registry settings
  In addition to the configuration of UDDI registry security, other UDDI registry settings can affect the security of the UDDI registry.

Reference:

Security API for the UDDI v3 registry

+

Search Tips   |   Advanced Search