In addition to the configuration of UDDI registry security, a number
of other UDDI registry settings can affect the behavior of the UDDI registry.
Some of these settings are security specific and others are points to consider
when configuring security.
Additional policy considerations
A number of the
UDDI property and policy settings also determine the behavior of a UDDI registry
with respect to security.
To review or change the following property
settings, click . The
settings are also detailed in the administrative console help.
- Key space requests require digital signature
- This setting determines whether all tModel:keyGenerator requests for key
space must be digitally signed. To understand key space, see UDDI registry Version 3 Entity Keys.
- Use authInfo credentials if provided
- This setting applies only when WebSphere Application Server security is
disabled. See Configuring
UDDI Security with WebSphere Application Server security disabled.
- Authentication token expiry period
- The authentication token expiry period is the length of idle time (in
minutes) allowed before an authentication token is no longer valid.
- Default user name
- The default user name is used for publish operations when WebSphere Application
Server security is disabled and no authentication token data is supplied.
To review or change the following policy settings, click . Then under
Policy Groups, click
APIs.
The settings are also detailed in the administrative console help.
- Authorization for inquiry
- Specifies whether authorization using authentication tokens is required
for inquiry API requests.
- Authorization for publish
- Specifies whether authorization using authentication tokens is required
for publish API requests.
- Authorization for custody transfer
- Specifies whether authorization using authentication tokens is required
for custody transfer API requests.
These policy settings apply when UDDI security
features are used and WebSphere Application Server security is enabled. If
the UDDI service is mapped to the AllAuthenticatedUsers security role, these
settings are overridden. See
Configuring
UDDI Security with WebSphere Application Server security enabled.
Other considerations
The publish related actions
that a registered UDDI publisher can perform are defined by their entitlements,
as described in UDDI
registry user entitlements.
In addition to the property and policy
settings already described, some UDDI keying and user policy settings also
influence publish behavior. These settings are not specific to security, but
you should consider them because they also place restrictions on successful
completion of publish requests.
To review or change the following property
settings, click . The
settings are also detailed in the administrative console help
- Automatically register UDDI publishers
- The UDDI registry requires that publisher entitlements are set before
allowing any publish requests. This option automatically registers users with
default entitlements.
If this option is not selected, users (and their entitlements)
can be registered. See UDDI
Publisher settings.
- Use tier limits
- If selected, tier limits are enforced.
If this option is selected, you
need one or more tiers configured (see Tier collection and UDDI Tier settings). Also, ensure that registered
UDDI Publishers are assigned to a tier (see UDDI Publisher settings).
To review or change the following property setting,
click . Then under
Policy
Groups click
UDDI Keying. The setting is also detailed
in the administrative console help.
- Registry key generation
- If this option is selected, publishers can request key space and, if successful,
publish with publisher assigned keys.