InfoCenter Home > 6.6.18.1.1e: Configuring permissions
When finished configuring method groups, exit the task by clicking any other resource or task in the administrative console. Securing WebSphere administrative accountsAbility to administer WebSphere Application Server after it has been secured is governed by a Web application. You can set up an initial account and additional administrative accounts to access the secured product. See the information about administrative accounts for details and instructions. Setting permissions to authenticiate against local and domain registries (Windows)WebSphere Application Server security supports authentication both against the domain registry and the local registry of a supported, Windows-based machine. The administrator can force authentication against the local registry by setting permissions appropriately. If a machine is part of a Windows domain, when a user authenticates to WebSphere Application Server security, the user is first authenticated against the domain registry. If that fails, the user is authenticated against the local operating system registry. If the user exists in both the local and domain registries, and authorization has been granted to the local user, it becomes necessary to qualify the user name when logging on to WebSphere security. For an example of the implications of setting permissions, suppose a machine named "LOCAL" belongs to a domain named "DOMAIN." The users "user1" and "user2" exist in both the LOCAL and DOMAIN registries:
Suppose the WebSphere administrator configures permissions such that the following users can access a WebSphere resource:
When user1 logs on to access a resource, he or she must specify LOCAL\user1 (not simply user1) as the user name for successful authentication. When user2 logs on, he or she can specify simply user2. |
| ||
|