Configure UDDI security with WAS security enabled
We can configure the UDDI registry to use the UDDI Version 3 security API or the UDDI Version 1 and v2 publish security features. Because WebSphere Application Server security is enabled, WAS data confidentiality management is independent of UDDI security.
WAS security must be enabled.
We can configure the UDDI registry to use the UDDI security features if this is a requirement. However, for production use, another option is to configure the UDDI Version 3 registry to use WAS security.
The UDDI Version 1 and v2 publish security features involve the use of authentication tokens.
To configure the UDDI registry to use the UDDI security features, we use the administrative console.
Tasks
- In the navigation pane of the administrative console, click...
Applications > Application Types > WebSphere enterprise applications.
- In the content pane, click the UDDI registry application.
- Under Detail Properties, click Security role to user/group mapping.
- Set the WAS security role mappings to Everyone for the following UDDI services:
- Versions 1 and 2 SOAP publish service (SOAP_Publish _User)
- Version 3 publish service (V3SOAP_Publish_User_Role)
- Version 3 custody transfer service (V3SOAP_CustodyTransfer_User_Role)
- Version 3 security service (V3SOAP_Security_User_Role)
This change to the role mappings ensures that WAS security cannot override UDDI security.
- For the UDDI Version 3 Publish and Custody Transfer services, ensure that the UDDI Policy is set to require the use of authentication tokens. The use of authentication tokens is already required for Version 1 and v2 Publish services.
- Click UDDI > UDDI Nodes > uddi_node > [Policy Groups] API policies.
- Select Authorization for publish and Authorization for custody transfer .
- Optional: If we require authentication for UDDI Inquiry services, select Authorization for inquiry .
- Click OK.
After the configuration is complete, WAS authenticates the credentials (user name and password) associated with the authentication token. No Security Role authentication restriction is imposed.
For details of WAS data confidentiality management, see the topic about configuring the UDDI registry to use WAS security.
Next topic: UDDI registry security and UDDI registry settings
Configure UDDI Security with WAS security disabled Configure the UDDI registry to use WAS security Security API for the UDDI Version 3 registry