Administration application settings as they compare to the Version 5 administrative console settings

The following table shows the Version 4.0.1 administration application settings as they compare to the Version 5 administrative console settings with associated notes.


Administration application settings as they compare to the Version 5 administrative console settings

Version 4.0.1 Administration application settings Version 5 Administrative console settings Notes
Local Identity

[5.0 only]Click Security > zSAS Authentication > Local Identity.

[Version 5.0.2 and later]Click Security > Global Security. Under Additional Properties, click z/OS Security Options. Type the information in the Local Identity field.

* Required always
Remote Identity

[5.0 only]Click Security > zSAS Authentication > Remote Identity.

[Version 5.0.2 and later]Click Security > Global Security. Under Additional Properties, click z/OS Security Options. Type the information in the Remote Identity field.

*Required always
Allow Unauthenticated Clients

[5.0 only]Click Security > zSAS Authentication > Allow Unauthenticated Clients.

[Version 5.0.2 and later]Click Security > Authentication Protocol > zSAS Transport. Select the check box next to AllowUnauthenticated Clients.

 
Userid Password Allowed

[5.0 only]Click Security > zSAS Authentication > Userid Password.

[Version 5.0.2 and later]Click Security > Authentication Protocol > zSAS Transport. Select the check box next to Userid Password.

** Ignored unless SAS
Userid Passticket Allowed

[5.0 only]Click Security > zSAS Authentication > Userid Passticket.

[Version 5.0.2 and later]Click Security > Authentication Protocol > zSAS Transport. Select the check box next to Userid Passticket.

** Ignored unless SAS

Note: A restriction for this setting requires any application client wishing to communicate with a server configured to use passticket to set the daemon_group_name variable. You can set this variable by adding the following statement to the client shell script or setupCmdLine.sh file in the $WAS_HOME\bin directory :

export daemon_group_name=<GROUP NAME>

SSL Type 1 Allowed

[5.0 only]Click Security > zSAS Authentication > Basic Authentication.

[Version 5.0.2 and later]Click Security > Authentication Protocol > zSAS Transport. Select the check box next to Basic Authentication.

** Ignored unless SAS
SSL Client Certificates Allowed

[5.0 only]Click Security > zSAS Authentication > Client Certificate.

[Version 5.0.2 and later]Click Security > Authentication Protocol > zSAS Transport. Select the check box next to Client Certificate.

** Ignored unless SAS
Accept Asserted Identities Allowed

[5.0 only]Click Security > zSAS Authentication > Identity Assertion Inbound.

[Version 5.0.2 and later]Click Security > Authentication Protocol > zSAS Transport. Select the check box next to Identity Assertion Inbound .

** Ignored unless SAS
Send Asserted Identities Allowed

[5.0 only]Click Security > zSAS Authentication > Identity Assertion Outbound.

[Version 5.0.2 and later]Click Security > Authentication Protocol > zSAS Transport. Select the check box next to Identity Assertion Outbound.

** Ignored unless SAS
SSL RACF Keyring Click Defined in System SSL Repertoire > SSL Setting.  
SSL V3 Timeout Click Defined in System SSL Repertoire > SSL Setting.  
Enable Setting OS Thread Identity to RunAs

[5.0 only]Click Security > zSAS Authentication > Sync to OS Thread Allowed.

[Version 5.0.2 and later]Click Security > Global Security. Under Additional Properties, click zOS Security Options. Select the check box next to Sync to OS Thread Allowed.

 
IIOP Firewall Port

[5.0 only]Click Server > server_name > End Points > ORB Listener Address > Port.

[Version 5.0.2 and later]Click Servers > Application Servers > server_name. Under Additional Properties, click End Points > ORB_LISTENER_ADDRESS. On z/OS, the host field for ORB_LISTENER_ADDRESS can be set only to a wild card (*) value, or a dotted decimal IP address in the form www.xxx.yyy.zzz where www, xxx, yyy and zzz are the decimal values 0-255. Do not set the host field to a fully qualified DNS name such as myhost.myco.com. Type the port number into the Port field.

 
SSL Firewall Port

[5.0 only]Click Servers > server_name > End Points > ORB SSL Listener Address > Port.

[Version 5.0.2 and later]Click Servers > Application Servers > server_name. Under Additional Properties, click End Points > ORB_SSL_LISTENER_ADDRESS. Type the port number into the Port field. You can use any port number in the range 0-65535.

 
HTTPS No Default (8080 in examples)

[5.0 only]Click Servers > server_name.

[Version 5.0.2 and later]Click Servers > Application Servers > server_name. Under Additional Properties, click Web Container > HTTP Transports > host_name.

 
LDAP Not Applicable LDAP 1439  
Naming/IR Not Applicable Naming/IR Dynamically chosen  
ENABLE_TRUSTED_APPLICATIONS environment variable

[5.0 only]Click Security > Custom Properties > ENABLE_TRUSTED_APPLICATIONS control_region_security_enable_trusted_applications environment variable.

[Version 5.0.2 and later]Click Security > Global Security. Under Additional Properties, click Custom Properties > EnableTrustedApplications.

 



Notes:

* Required always, even if security is not on.

** Ignored unless Authentication Protocol is set to include CSI and SAS.


Related concepts
Migrating
Related tasks
Migrating from V4.0.1
Related reference
Prerequisites needed for WebSphere Application Server for z/OS
Specification level summary of WebSphere Application Server
Coexistence port definitions



Searchable topic ID:   rinsadminz
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/rins_adminz.html

Library | Support | Terms of Use | Feedback