WebSEAL configuration file

The operation of the WebSEAL server is controlled using the WebSEAL configuration file and a corresponding obfuscated file used for sensitive data. Use the local management interface to modify the configuration file. For details on the stanza entries that we can use in the WebSEAL configuration file, see the web reverse proxy Stanza Reference topics in the IBM Knowledge Center.

Configuration file organization

The configuration file contains sections that control specific portions of WebSEAL. Each section contains further divisions that are called stanzas. Stanza labels appear in brackets.

[stanza_name]

For example, the [ssl] stanza defines the SSL configuration settings for use by the WebSEAL server. Each stanza in an ISAM configuration file contains one or more stanza entries. A stanza entry consists of a key value pair, which contains information that is expressed as a paired set of stanza entries. Each stanza entry has the following format:

key = value

The initial installation of WebSEAL establishes many of the default values. Some values are static and never change; other values can be modified to customize server function and performance. The ASCII-based text file can be edited with a common text editor.

Configuration file name and location

A unique WebSEAL configuration file is created for each WebSEAL instance. The name of the configuration file includes the instance name.

webseald-instance.conf

The administrator can use the local management interface to configure more WebSEAL instances and specify each new instance_name. The configuration utility uses the specified instance_name to name the new WebSEAL configuration file. For example, if you name the new WebSEAL instance webseal2, the following configuration file is created:

webseald-webseal2.conf

See WebSEAL instance deployment.

Steps

1. Log in to the local management interface.

2. Select Web > Manage > Reverse Proxy.

3. Select the appropriate WebSEAL instance.

4. Select...
   Manage > Configuration > Edit Configuration File

   To complete basic configuration file updates, select the WebSEAL instance and click Edit.

5. Make the required changes to the configuration.

6. Save your changes. The local management interface displays a warning message that states about an undeployed change.

7. Click Click here to review the changes or apply them to the system. Review the change and click Deploy. A System Warning displays to indicate the deployment is complete and a restart is required.

8. Restart the WebSEAL instance from the Reverse Proxy Management page for these changes to take effect.

Parent topic: Web server configuration

Related concepts

• Content caching
• Communication protocol configuration
• IPv4 and IPv6 overview
• IPv6: Compatibility support
• IP levels for credential attributes
• LDAP directory server configuration
• WebSEAL worker thread configuration
• WebSEAL worker threads
• Global allocation of worker threads for junctions
• Per-junction allocation of worker threads for junctions
• HTTP data compression
• WebSEAL data handling by using UTF-8
• UTF-8 dependency on user registry configuration
• UTF-8 data conversion issues
• UTF-8 impact on authentication
• UTF-8 impact on authorization (dynamic URL)
• Encoding type usage
• UTF-8 support for uniform resource locators
• UTF-8 support in POST body information (forms)
• UTF-8 support in query strings
• UTF-8 encoding of tokens for cross domain single signon
• UTF-8 encoding of tokens for e-community single signon
• UTF-8 encoding of cookies for failover authentication
• UTF-8 encoding of cookies for LTPA authentication
• UTF-8 encoding in junction requests
• Validation of character encoding in request data
• Set system environment variables
• Cross-Origin Resource Sharing (CORS) Support

Related tasks

• Specify the WebSEAL host name
• Configure WebSEAL for IPv6 and IPv4 requests

Related reference

• IPv6: Upgrade notes
• Allocation view of worker threads for junctions
• Supported wildcard pattern matching characters