How to disable WebSphere Global Security for one Application Server in a secure cell
 Technote (FAQ)
 
Problem
In a WebSphere® Application Server cell where Global Security is enabled, you may want to disable security for individual application servers, e.g. when you run some applications that can be accessed anonymously, while others require authentication.

This can be done either from the Application Server Admin Console or using wsadmin.
 
Solution
Solution using Admin Console:
  1. Go to "Application Servers"
  2. Select the appropriate server
  3. Select "Server security"
  4. Select "Server level security"
  5. Disable the "Enable global security" checkbox
  6. Save the settings and synchronize

Solution using wsadmin:
(assume you want to disable security for server1 on node WASI02Base.)

  1. start wsadmin in Deploymentmanager/bin directory
    wsadmin>$AdminConfig list Security
    (cells/WASICELL:security.xml#Security_1106748574007)


  2. wsadmin>$AdminConfig list Server
    dmgr(cells/WASICELL/nodes/WASI02DMGR/servers/dmgr:server.xml#Server_1)
    jmsserver(cells/WASICELL/nodes/wasi01base/servers/jmsserver:server.xml# Server_1106748571434)
    nodeagent(cells/WASICELL/nodes/WASI02Base/servers/nodeagent:server.xml# Server_1)
    nodeagent(cells/WASICELL/nodes/wasi01base/servers/nodeagent:server.xml# Server_1106748571153)
    server1(cells/WASICELL/nodes/WASI02Base/servers/server1:server.xml#Server_1)
    server1(cells/WASICELL/nodes/wasi01base/servers/server1:server.xml#Server_1)


  3. wsadmin>set server [$AdminConfig getid /Cell:WASICELL/Node:WASI02Base/Server:server1]
    server1(cells/WASICELL/nodes/WASI02Base/servers/server1:server.xml#Server_1)


  4. wsadmin>$AdminConfig list Security $server


  5. wsadmin>$AdminConfig create Security $server {{enabled false}}
    (cells/WASICELL/nodes/WASI02Base/servers/server1:security.xml#Security_1151410503621)


  6. wsadmin>$AdminConfig save


The result of both solutions described above (Admin Console and wsadmin), is a separate security.xml file for server1 containing security enabled='false'.
After restarting server1, its applications (e.g. Snoop) can be accessed without being
prompted for userid and password as it was before, while security for the other servers in the cell is still active.

Remark:
It does not work the other direction. You cannot enable Server Level Security, when the cell-wide Global Security is disabled.
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Administrative Scripting Tools (for example: wsadmin or ANT)
Operating system(s): Windows
Software version: 6.0
Software edition:
Reference #: 1245098
IBM Group: Software Group
Modified date: Aug 31, 2006