WebSphere Application Server - Express, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Testing security

Before you begin

After configuring global security and restarting all of your servers in a secure mode, validate that security is properly enabled.

There are a few techniques that you can use to test the various security login types. For example, you can test the Web-based BasicAuth login, Web-based form login, and the Java client BasicAuth login.

Basic tests are available that show whether the fundamental security components are working properly. Complete the following steps to validate your security configuration:

Steps for this task

  1. After enabling security, verify that your system comes up in secure mode.
  2. Test the Web-based BasicAuth with Snoop, by accessing the following URL: http://hostname.domain:9080/snoop. A login panel is displayed. If a login panel does not display, then a problem exists. If the panel appears, type in any valid user ID and password in your configured user registry.
  3. Test the Web-based form login by starting the administrative console: http://hostname.domain:9060/ibm/console. A form-based login page is displayed. If a login page does not appear, try accessing the administrative console by typing https://myhost.domain:9043/ibm/console.

    Type in the administrative user ID and password that are used for configuring your user registry when configuring security.

  4. Test Java Client BasicAuth with dumpNameSpace by executing the install_root\bin\dumpNameSpace.bat file. A login panel appears. If a login panel does not appear, there is a problem. Type in any valid user ID and password in your configured user registry.
  5. Test all of your applications in secure mode.
  6. If all the tests pass, proceed with more rigorous testing of your secured applications. If you have any problems, review the output logs in the WebSphere Application Server /logs/nodeagent or WebSphere Application Server /logs/server_name directories, respectively. Check the security troubleshooting article to see if it references any common problems.

Result

The results of these tests, if successful, indicate that security is fully enabled and working properly.



Related concepts
Web component security
Enterprise bean component security
Administrative console and naming service authorization

Related reference
Security: Resources for learning

Task topic    

Terms of Use | Feedback

Last updated: Jun 8, 2005 12:45:23 PM EDT
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/tsec_mthejb.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)