Enabling and configuring WAS security

Follow these steps to configure WebSphere® Application Server security. For versions prior to WebSphere Application Server V6.1, refer to the section following these tasks. If you have not already created a WebSphere Application Server instance, you will need to create one before performing these tasks.
  1. Click the Servers tab to open the Servers view.
  2. Right-click the server name (after it has been started) and select Run Administrative console.
  3. Expand Security and click Secure administration, applications and infrastructure.
  4. Click the Security Configuration Wizard button. The Security Configuration Wizard opens.
  5. Select the Enable application security check box, and ensure that the Use Java 2 security to restrict application access to local resources check box is not selected. Click Next.
  6. The Select user repository page opens. Select the Standalone LDAP registry radio button, and click Next.
  7. The Configure user repository page opens:
    1. In the Primary administrative user name field, enter a user ID that will administer the LDAP configuration.
    2. Select IBM® SecureWay® Directory Server in the Type of LDAP server field.
    3. Type the host name or IP address of the System i™ in the Host field.
    4. The Port field should remain at the default setting, 389.
    5. In the Base distinguished name (DN) field, enter the domain name of the system as comma-separated dc=value pairs. For example, if the domain name for your System i is torasbcc.torolab.ibm.com, then you would enter this text in the Base distinguished name (DN) field:
      dc=torasbcc,dc=torolab,dc=ibm,dc=com
    6. Leave the Bind distinguished name (DN) and Bind password fields blank, and click Next.
  8. The Summary page opens. Click Finish.
  9. Save the changes and close the WAS Administrative Console.
  10. Restart the server.
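
The values entered in step 7 can be checked against the directory before the restart in step 10. The script below is an added example, not part of the original procedure: it derives the base DN from the domain name, then confirms that an anonymous search (matching the blank Bind DN and Bind password fields) can read that base DN and finds exactly one entry for the administrative user ID. It assumes the OpenLDAP ldapsearch client and user entries keyed on uid; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check of the LDAP values before enabling security.
# Assumes the OpenLDAP ldapsearch client; user entries keyed on uid (assumption).

# Turn a DNS domain name into a base DN of comma-separated dc= pairs.
domain_to_base_dn() {
    printf '%s\n' "$1" | sed -e 's/\.$//' -e 's/\./,dc=/g' -e 's/^/dc=/'
}

# Count entries returned by an anonymous search (no -D/-w, like the blank
# Bind DN and Bind password fields). Args: host port base scope filter
anon_count() {
    ldapsearch -x -LLL -H "ldap://$1:$2" -b "$3" -s "$4" "$5" dn 2>/dev/null |
        grep -c '^dn:' || true
}

# Succeed only if the base DN is readable anonymously and the administrative
# user ID matches exactly one entry under it. Args: host domain admin_id [port]
preflight() {
    pf_host=$1
    pf_base=$(domain_to_base_dn "$2")
    pf_admin=$3
    pf_port=${4:-389}   # the page's default port

    # Refuse IDs that would alter the search filter (a wildcard matches many).
    case $pf_admin in
        *'*'*|*'('*|*')'*|*'\'*)
            echo "FAIL: user ID contains LDAP filter characters" >&2; return 2 ;;
    esac

    if [ "$(anon_count "$pf_host" "$pf_port" "$pf_base" base '(objectClass=*)')" -ne 1 ]; then
        echo "FAIL: $pf_base not readable anonymously on $pf_host:$pf_port" >&2
        return 1
    fi

    pf_n=$(anon_count "$pf_host" "$pf_port" "$pf_base" sub "(uid=$pf_admin)")
    if [ "$pf_n" -ne 1 ]; then
        echo "FAIL: $pf_n entries match uid=$pf_admin under $pf_base (need 1)" >&2
        return 1
    fi
    echo "OK: $pf_base readable, uid=$pf_admin is unique"
}

# Usage: sh preflight.sh <ldap-host> <domain> <admin-id> [port]
if [ "$#" -ge 3 ]; then
    preflight "$@"
fi
```

If the first check fails, the directory is not answering anonymous searches at that base DN, so the blank Bind DN and Bind password fields in step 7 would leave the server unable to look up users after security is enabled.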

Enabling and configuring WAS security for versions prior to V6.1

Setting up WebSphere Application Server security is the same for the production and test environments. When using the test environment, however, the Administrative Console must be enabled.
  1. In the Server Configuration view, double-click the server configuration.
  2. Click the Configuration tab and check Enable administration console.
  3. Save the configuration and restart the server.
  4. Right-click the server name and select Run administrative console.
  5. Expand Security > User Registries and click LDAP to open the LDAP Security Configuration page, where you update the security settings for LDAP. This example uses LDAP, which is required for implementing single sign-on. If you select the i5/OS® registry, authentication is performed using user profiles on your i5/OS system.
  6. Enter the following values for LDAP security:
    • Server User ID - enter a user ID registered for LDAP that WAS will use to access the LDAP server
    • Server User Password - enter the password
    • Type - select SecureWay
    • Host - enter the host name. This is the host name that WebSphere Application Server will use when connecting to LDAP. You should use the full domain name.
    • Port - use the default port of 389
    • Base Distinguished Name (DN) - enter the base distinguished name of the directory service. (For example, dc=myhostname, dc=mycompany, dc=com.) This indicates the starting point when LDAP searches the directory service.
    • Check Ignore Case.
  7. Click OK to apply the updates. The Global Security page is displayed.
  8. Check Enabled and uncheck Enforce Java 2 Security. Specify LDAP for the Active User Registry and click OK.
  9. Save the changes and close the WAS Administrative Console.
  10. Restart the server.
