WebSphere Enterprise Service Bus, Version 6.2.0 Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows


Enabling security

The first step in securing your WebSphere® ESB environment and your applications is to enable administrative security.

Before you begin

Install WebSphere ESB and verify the installation before commencing these tasks.

Open the administrative console for the profile that you want to secure. Log in to the console using any user identity; until the profile is secure, any user name will be accepted.

About this task

For information about administrative security, application security, and Java™ 2 security, see the information listed under Subtopics.
Procedure
  1. Open the administrative security panel in the administrative console.

    Expand Security and click Secure administration, applications, and infrastructure.

  2. Enable administrative security.

    Select Enable administrative security.

  3. Enable application security.

    Select Enable application security.

  4. Optional: Enforce Java 2 security, if required.

    Select Use Java 2 security to restrict application access to local resources to enforce Java 2 security permission checking.

    When you enable Java 2 security, an application that requires more Java 2 security permissions than are granted in the default policy might fail to run properly until the required permissions are granted in either the app.policy file or the was.policy file of the application. Access Control exceptions are generated by applications that do not have all the required permissions. For more information about Java 2 security, see the topic on Configuring Java 2 security policy files in the WebSphere Application Server Information Center.

    Note: Updates to the app.policy file apply only to the enterprise applications on the node to which the app.policy file belongs.
    1. Optional: Select Warn if applications are granted custom permissions. The filter.policy file contains a list of permissions that an application should not have according to the J2EE 1.3 Specification. If an application is installed with a permission specified in this policy file and this option is enabled, a warning is issued. The default is enabled.
    2. Optional: Select Restrict access to resource authentication data. Enable this option if you need to restrict application access to sensitive Java Connector Architecture (JCA) mapping authentication data.
  5. Apply these changes.

    Click the Apply button at the bottom of the panel.

  6. Save the changes to the local configuration.

    Click Save in the message pane.

  7. If necessary, stop and restart the server.

    If the server needs to be restarted, a message will appear in the administrative console to this effect.

What to do next

You must turn on administrative security for each profile that you create.

task Task topic

Terms of use | Feedback


Timestamp icon Last updated: 21 June 2010


http://publib.boulder.ibm.com/infocenter/dmndhelp/v6r2mx/topic//com.ibm.websphere.wesb620.doc/doc/tsec_enablingglobal.html
Copyright IBM Corporation 2005, 2010. All Rights Reserved.
This information center is powered by Eclipse technology (http://www.eclipse.org).