Use this topic to enable IBM WebSphere Application Server security.
You must enable global security for all
other security settings to function.
About this task
WebSphere Application Server uses cryptography to protect sensitive
data and to ensure confidentiality and integrity of communications between
WebSphere Application Server and other components in the network. Cryptography
is also used by Web services security when certain security constraints are
configured for the Web Services application.
WebSphere
Application Server uses Java Secure Sockets Extension (JSSE) and Java Cryptography
Extension (JCE) libraries in the Software Development Kit (SDK) to perform
this cryptography. The SDK provides strong but limited jurisdiction policy
files. Unrestricted policy files provide the ability to perform full strength
cryptography and to improve performance.
WebSphere
Application Server provides a SDK 1.4.2 that contains strong, but limited
jurisdiction policy files. You can download the unrestricted policy files
from the following Web site:
IBM developer kit: Security information. Complete the
following steps to download and install the new policy files:
- Click Java 1.4.2
- Click IBM SDK Policy files.
The Unrestricted JCE Policy files
for SDK 1.4 Web site is displayed.
- Click Sign in and provide your IBM.com ID and password.
- Select Unrestricted JCE Policy files for SDK 1.4.2 and click Continue.
- View the license and click I Agree to continue.
- Click Download Now.
- Extract the unlimited jurisdiction policy files that are packaged in the
ZIP file. The ZIP file contains a US_export_policy.jar file and a local_policy.jar file.
- In your WebSphere Application Server installation, go to the $JAVA_HOME/jre/lib/security directory
and back up your US_export_policy.jar and local_policy.jar files.
- Replace your US_export_policy.jar and local_policy.jar files
with the two files that you downloaded from the IBM.com Web site.