Local OS authentication will not work in a distributed environment
 Technote (troubleshooting)
 
Problem(Abstract)
Local OS authentication cannot be used in an IBM® WebSphere® Application Server V5.0 cell environment that is distributed over multiple host machines. In a distributed environment, you must use either a lightweight directory access protocol (LDAP) or custom registry for authentication.
 
Resolving the problem
Click the following link to go to the WebSphere Application Server V5.0 Information Center section covering local operating system user registries.


A Local operating system (OS) user registry is not a centralized user registry like LDAP. Do not use a Local OS user registry in a distributed WebSphere Application Server environment, where application servers are distributed across several host machines, because each machine has its own user registry. There are exceptions, however; a Microsoft® Windows® domain registry is a centralized registry.

The access-IDs taken from the user registry are used during authorization checks. Since these IDs are typically unique identifiers, they vary from machine to machine even if the exact users and passwords exist on each machine.

The instructions on setting up the IBM Directory Server are in the IBM® Redbooks® publication IBM WebSphere V5.0 Security, number SG24-6573-00.

 
Related information
Information on LocalOS Authentication
IBM WebSphere V5.0 Security Redbooks publication
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 6.1
Software edition:
Reference #: 1139779
IBM Group: Software Group
Modified date: Jan 20, 2006