The Security Info settings on the Bootstrap Preferences page allow you to redirect logins. The behavior of the settings differ in Workplace and Workplace XT:
When using Workplace and Application Integration, you can secure the user IDs and passwords that travel over the network by redirecting to an SSL server.
To redirect logins to SSL
Repeat Step 2 for each unsecured Application Engine from which you want to redirect logins to the SSL server.
NOTE After performing this procedure to redirect logins to an SSL server, Site Preferences also runs under SSL to protect the guest account user ID and password. This means that when you run Site Preferences on an unsecured server that redirects logins to an SSL server, you are editing the Bootstrap preferences of the SSL server. This does not affect the preferences set on the General, Object Store, and Shortcut views; those preferences are retrieved from the preferences file saved in the object store.
See "Set up Application Engine SSL Security" in the FileNet P8 Installation and Upgrade Guide for more information.
The Java™ Server HTTP Port setting identifies the listener port for a remote Java server. For example, when you have an HTTP server such as IBM HTTP/Apache configured as the front end for a WebSphere Application Server, the Apache listener port is typically 80, and the WebSphere server is, by default, on port 9080. In this case, you must set the Java Server HTTP Port setting to 9080.
When using the Workplace XT application, you can secure user IDs and passwords on the network by redirecting user logins to an SSL server. For Application Integration users, you can use the same procedure as for Workplace. (See Redirect to SSL via Site Preferences (Workplace) above for information.) Note that in Workplace XT, the Workplace procedure applies only to Application Integration's use of SSL. Otherwise, the SSL redirection is controlled by the setting for the transport-guarantee attribute in the <WorkplaceXT_install_path>\FileNet\WEB-INF\web.xml property file. When not using SSL, specify a value of NONE; when using SSL, specify a value of CONFIDENTIAL. For complete instructions, see "Set up SSL Security for IBM FileNet Workplace XT" in the IBM FileNet Workplace XT Installation and Upgrade Guide.
The examples below illustrate the non-use and use of SSL in WebLogic and WebSphere application server environments.
WebLogic and WebSphere (not using SSL):
<security-constraint> <web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define the container secured resource</description> <url-pattern>/</url-pattern> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>All Authenticated</role-name> </auth-constraint> <user-data-constraint> <description>User data constraints</description> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint>
WebLogic and WebSphere (using SSL):
<security-constraint> <web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define the container secured resource</description> <url-pattern>/ContainerLogin.jsp</url-pattern> </web-resource-collection> <auth-constraint> <role-name>All Authenticated</role-name> </auth-constraint> <user-data-constraint> <description>User data constraints</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>