If IBM® Enterprise
Records web
application is automatically configured with the Container Manager
Authentication (CMA) option, and you want to use Secure Socket Layer
(SSL) with the redirect option, then perform the following procedures,
depending on your application server, to enable SSL for your IBM Enterprise
Records web application by updating
its web.xml file. These steps are not required
for full SSL environments.
- WebSphere: Modify the web.xml file
in the ier_install_path/RecordsManager/WEB-INF directory:
- Make a backup copy of the web.xml file. The default file location is:
ier_install_path/RecordsManager/WEB-INF/web.xml
- Copy the <security_constraint> section,
as shown in the next step, and paste the new copied section directly
after the original.
- Make changes to the newly inserted <security_constraint> section
as follows (changes in bold): Change from:
<security-constraint>
<web-resource-collection>
<web-resource-name>action</web-resource-name>
<description>Define the container secured resource</description>
<url-pattern>/</url-pattern>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>All Authenticated</role-name>
</auth-constraint>
<user-data-constraint>
<description>User data constraints</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
to:<security-constraint>
<web-resource-collection>
<web-resource-name>action</web-resource-name>
<description>Define the container secured resource</description>
<url-pattern>ContainerLogin.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>All Authenticated</role-name>
</auth-constraint>
<user-data-constraint>
<description>User data constraints</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
The change also
removes the second occurrence of this line:<url-pattern>/*</url-pattern>
- Save your changes to the web.xml file.
- WebLogic and JBoss: Modify the web.xml file
in the <ier_install_path>/RecordsManager/WEB-INF directory:
- Make a backup copy of the web.xml file. The default file location is:
ier_install_path/RecordsManager/WEB-INF/web.xml
- In the <security_constraint> section,
change the parameter, as follows, from
<user-data-constraint>
<description>User data constraints</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
to: <user-data-constraint>
<description>User data constraints</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
- Save your changes to the web.xml file.