Enable WebSphere Application Server security

We can enable WebSphere Application Server security, which includes two orthogonal components: WebSphere global security and Java 2 security.

• Updating the WebSphere Commerce configuration with the WebSphere Application Server administrative security credentials

  WebSphere Commerce must know the WebSphere Application Server administrative security (global security) user ID and password in order to successfully complete automated configuration and deployment tasks. When you change the WebSphere Application Server administrative security (global security) user ID or password, we must store the updates in the WebSphere Commerce configuration.

• Enable WebSphere global security

  Global security represents the security configuration that is effective for the entire security domain. It includes the configuration of the common user registry, authentication mechanism, Java 2 Platform, Enterprise Edition (J2EE) role-based authorization, the Common Secure Interoperability Version 2 (CSIv2) authentication protocol, and the Secure Sockets Layer (SSL) configuration. In particular, J2EE role-based authorization guards access to Web resources such as servlets, JavaServer Pages (JSP) files, and Enterprise JavaBeans (EJB) methods.

• Enable Java 2 security

  WebSphere Commerce supports Java 2 security. It is disabled by default, but enabled automatically when you enable WebSphere global security. We can, however, choose to disable Java 2 security when you enable WebSphere global security and generally configure Java 2 security and WebSphere global security independently of one another.

• Configure security for the Dynamic Cache Monitor

• Disable WebSphere Application Server application security

  We can disable WebSphere Application Server application security.

• Disable WebSphere Application Server global security

  We can disable WebSphere Application Server global security.