|
Problem |
In a WebSphere® Application Server cell where Global
Security is enabled, you may want to disable security for individual
application servers, e.g. when you run some applications that can be
accessed anonymously, while others require authentication.
This can be done either from the Application Server Admin Console or using
wsadmin. |
|
Solution |
Solution using Admin Console:
- Go to "Application Servers"
- Select the appropriate server
- Select "Server security"
- Select "Server level security"
- Disable the "Enable global security" checkbox
- Save the settings and synchronize
Solution using wsadmin:
(assume you want to disable security for server1 on node
WASI02Base.)
- start wsadmin in Deploymentmanager/bin directory
wsadmin>$AdminConfig list Security
(cells/WASICELL:security.xml#Security_1106748574007)
- wsadmin>$AdminConfig list Server
dmgr(cells/WASICELL/nodes/WASI02DMGR/servers/dmgr:server.xml#Server_1)
jmsserver(cells/WASICELL/nodes/wasi01base/servers/jmsserver:server.xml#
Server_1106748571434)
nodeagent(cells/WASICELL/nodes/WASI02Base/servers/nodeagent:server.xml#
Server_1)
nodeagent(cells/WASICELL/nodes/wasi01base/servers/nodeagent:server.xml#
Server_1106748571153)
server1(cells/WASICELL/nodes/WASI02Base/servers/server1:server.xml#Server_1)
server1(cells/WASICELL/nodes/wasi01base/servers/server1:server.xml#Server_1)
- wsadmin>set server [$AdminConfig getid
/Cell:WASICELL/Node:WASI02Base/Server:server1]
server1(cells/WASICELL/nodes/WASI02Base/servers/server1:server.xml#Server_1)
- wsadmin>$AdminConfig list Security $server
- wsadmin>$AdminConfig create Security $server {{enabled false}}
(cells/WASICELL/nodes/WASI02Base/servers/server1:security.xml#Security_1151410503621)
- wsadmin>$AdminConfig save
The result of both solutions described above (Admin Console and wsadmin),
is a separate security.xml file for server1 containing
security enabled='false'.
After restarting server1, its applications (e.g. Snoop) can be accessed
without being
prompted for userid and password as it was before, while security for the
other servers in the cell is still active.
Remark:
It does not work the other direction. You cannot enable Server Level
Security, when the cell-wide Global Security is disabled. |
|
|
|
Cross Reference information |
Segment |
Product |
Component |
Platform |
Version |
Edition |
Application Servers |
Runtimes for Java Technology |
Java SDK |
|
|
|
|
|
|
|