Configure UDDI Security with WAS security disabled
We can configure the UDDI registry to use the UDDI Version 3 security API or the UDDI Version 1 and v2 publish security features. When WebSphere Application Server security is disabled, WAS security roles and data confidentiality constraints do not apply.
WAS security must be disabled.
We can configure the UDDI registry to use the UDDI security features with WAS security disabled for test purposes. It is not advisable to use this type of configuration for production purposes.
For UDDI Version 1 and v2 security, the following features are active and do not require further configuration:
- UDDI Version 1 and v2 publish requests require UDDI Version 1 and v2 authentication tokens respectively. Publishers that request or use an authentication token must be registered WAS users.
- UDDI Version 1 and v2 inquiry requests do not require authentication tokens.
For UDDI Version 3, configure the UDDI registry to use the UDDI Version 3 Security API, or to use authentication tokens with the Version 3 Publish and Custody Transfer APIs.
To configure the UDDI registry to use the UDDI Version 3 security features, we use the administrative console.
Tasks
- Click UDDI > UDDI Nodes > uddi_node.
- In the General Properties section, select Use authInfo credentials if provided to specify that the authInfo contents in UDDI API requests are used to validate users.
- Click OK.
Authentication tokens are required for publish requests and custody transfer requests, but not for inquiry requests. Publishers that request or use an authentication token must be registered WAS users.
Next topic: UDDI registry security and UDDI registry settings
Configure UDDI security with WAS security enabled Security API for the UDDI Version 3 registry