WAS v8.5 > Secure applications > Secure web services > Configure UDDI registry securityConfigure UDDI security with WAS security enabled
We can configure the UDDI registry to use the UDDI v3 security API or the UDDI v1 and v2 publish security features. Because WebSphere Application Server security is enabled, WAS data confidentiality management is independent of UDDI security.
WAS security must be enabled.
We can configure the UDDI registry to use the UDDI security features if this is a requirement. However, for production use, another option is to configure the UDDI v3 registry to use WAS security.
The UDDI v1 and v2 publish security features involve the use of authentication tokens.
To configure the UDDI registry to use the UDDI security features, we use the dmgr console.
- In the navigation pane of the dmgr console, click Applications > Application Types > WebSphere enterprise applications.
- In the content pane, click the UDDI registry application.
- Under Detail Properties, click Security role to user/group mapping.
- Set the WAS security role mappings to Everyone for the following UDDI services:
- Versions 1 and 2 SOAP publish service (SOAP_Publish _User)
- v3 publish service (V3SOAP_Publish_User_Role)
- v3 custody transfer service (V3SOAP_CustodyTransfer_User_Role)
- v3 security service (V3SOAP_Security_User_Role)
This change to the role mappings ensures that WAS security cannot override UDDI security.
- For the UDDI v3 Publish and Custody Transfer services, ensure the UDDI Policy is set to require the use of authentication tokens. The use of authentication tokens is already required for v1 and v2 Publish services.
- Click UDDI > UDDI Nodes > uddi_node_name > [Policy Groups] API policies.
- Select Authorization for publish and Authorization for custody transfer .
- Optional: If you require authentication for UDDI Inquiry services, select Authorization for inquiry .
- Click OK.
Results
After the configuration is complete, WAS authenticates the credentials (user name and password) associated with the authentication token. No Security Role authentication restriction is imposed.
For details of WAS data confidentiality management, see the topic about configuring the UDDI registry to use WAS security.
Next topic: UDDI registry security and UDDI registry settings
Related
Configure UDDI Security with WAS security disabled
Configure the UDDI registry to use WAS security
Reference:
Security API for the UDDI v3 registry