This topic describes how to secure the long-running scheduler.
Before you begin
Users who are assigned the lradmin role have the authority to perform
all long-running scheduler application actions
on all jobs regardless of job ownership, while users who are assigned with
the lrsubmitter role can only act on jobs that are owned by the submitters
themselves.
About this task
This sample task assumes that the job scheduler is configured. From
the administrative console:
Procedure
Click Security > Secure administration, applications,
and infrastructure.
Click Applications > Enterprise Applications
> LongRunningScheduler.
Click Map security roles to users/groups.
- Check the box for the role to be configured.
- Click Look up users if one or more users are to be assigned
the target role, or click Look up groups if role assignment is at the
group level.
- Select the user or group to be assigned to the target role.
- Click OK, then Save.
Click Security > Global Security.
Enable global security and Java 2 security.
This supports any of the WebSphere Application Server supported user registries
such as Local OS, Lightweight Directory Access Protocol (LDAP), or custom.
- Restart the server.
What to do next
With security enabled, provide a valid user ID and password for job
actions that are performed through the command- line interface. Submit a job
action through the command-line interface with the user name and password
information. See the following exaple:
<install_root>/bin/lrcmd.[bat|sh]
-cmd=<name_of_command> <command_arguments> [-host=<host> -port=<port>]
-userid=<user_ID> -password=<password>
where:
- <host> is the on demand router (ODR) host name or
the long-running scheduler server host name.
If not specified, the default is localhost.
- <port> is the ODR HTTP(s) proxy address or the long-running
scheduler server HTTP(s) port. If not specified, the default is 80.
See the following:
D:\IBM\WebSphere\AppServer\bin\lrcmd
-cmd=submit -xJCL=D:\IBM\WebSphere\AppServer\longRunning\
postingSampleXJCL.xml -port=9445 -host=wasxd01.ibm.com
-userid=mylradmin -password=w2g0u1tf