Access to UDDI Registry interfaces is controlled by a combination of J2EE declarative security using role mappings, and UDDI properties and policies such as the registering of users as UDDI publishers.
UDDI Registry interface | Security role |
---|---|
Version 3 SOAP inquiry | V3SOAP_Inquiry_User_Role |
Version 3 SOAP publish | V3SOAP_Publish_User_Role |
Version 3 SOAP custody transfer | V3SOAP_CustodyTransfer_User_Role |
Version 3 SOAP security | V3SOAP_Security_User_Role |
Version 3 GUI inquiry | GUI_Inquiry_User |
Version 3 GUI publish | GUI_Publish_User |
Versions 1 and 2 SOAP inquiry | SOAP_Inquiry_User |
Versions 1 and 2 SOAP publish | SOAP_Publish_User |
EJB inquiry | EJB_Inquiry_Role |
EJB publish | EJB_Publish_Role |
By default, the inquiry roles are mapped to the Everyone special subject and the non inquiry roles are mapped to the AllAuthenticatedUsers special subject. For more information about WebSphere Application Server role mapping and the Everyone and AllAuthenticatedUsers special subjects, see Role-based authorization. With these default settings, after you enable WebSphere Application Server security you do not need access control to use the UDDI Registry inquiry interfaces, however to use the publish roles and the Version 3 custody transfer role you must be authenticated using a WebSphere Application Server userid and password. (The Version 3 security role is a special case, as this concerns use of UDDI Registry security instead of WebSphere Application Server security, and must be specially configured as described in Configuring the UDDI Registry to use UDDI security.)
For more information about UDDI Registry security roles and how they can be used to control authorization and data confidentiality, see Configuring the UDDI Registry to use WebSphere Application Server security.
In accordance with the UDDI specification, there is additional access control in that an entity which has been published to the UDDI Registry can only be updated or deleted by the user who originally published that entity.
The UDDI Registry also provides some management interfaces which are protected by requiring administrative permissions for certain operations; see UDDI Registry Management Interfaces for details.
Related concepts
Role-based authorization
Related tasks
Configuring the UDDI Registry to use UDDI security
Configuring the UDDI Registry to use WebSphere Application Server security
Using the UDDI Registry
Related reference
UDDI Publisher collection
UDDI Registry Administrative (JMX) Interface
UDDI node settings
UDDI Registry Management Interfaces