Use these steps to configure local operating system registries.
For detailed information about using the local operating system user registry, see Local operating system registries. These steps set up security based on the local operating system user registry on which WebSphere Application Server is installed.
For
security purposes, the WebSphere Application Server provides and supports
the implementation for Windows operating system registries, AIX, Solaris
and multiple versions of Linux operating systems. The respective operating
system application programming interface (API) are called by the product
processes (servers) for authenticating a user and other security-related
tasks (for example, getting user or group information). Access to
these APIs are restricted to users who have special privileges. These
privileges depend on the operating system and are described below.
In
WebSphere Application Server Version 6.1, you can use an internally-generated
server ID because the Security WebSphere Common Configuration Model
(WCCM) model contains a new tag, internalServerId. You do not need
to specify a server user ID and a password during security configuration
except in a mixed-cell environment. See Administrative roles and naming service authorization for more detailed
information about the new internal server ID.
When a
local operating system registry is chosen, the started task identity
is chosen as the server identity. A user ID and password are not required
to configure the server.
When you set up a user registry for WebSphere
Application Server, the System Authorization Facility (SAF) works
in conjunction with the user registry to authorize applications to
run on the server. For more information on the SAF capabilities, see System Authorization Facility user registries.
Complete the following steps to configure additional properties that
are associated with the local OS user registry and SAF configuration.
The following steps are needed to perform
this task initially when setting up security for the first time.
For any changes in this panel to be effective, you need to save, stop, and start all the product servers, including deployment managers, nodes and application servers. If the server comes up without any problems, the setup is correct.
After completed these steps, you have configured WebSphere Application Server to use the local operating system registry to identify authorized users.
Complete any remaining steps for enabling security. For more information, see Enabling security.
In this information ...Subtopics
Related concepts
Related tasks
Related reference
| IBM Redbooks, demos, education, and more(Index) |