Use these steps to configure local operating system registries.
For detailed information about using the local operating system user registry, see Local operating system registries. These steps set up security based on the local operating system user registry on which WebSphere Application Server is installed.
For security
purposes, the WebSphere Application Server provides and supports the implementation
for Windows operating system registries, AIX, Solaris and multiple versions
of Linux operating systems. The respective operating system application programming
interface (API) are called by the product processes (servers) for authenticating
a user and other security-related tasks (for example, getting user or group
information). Access to these APIs are restricted to users who have special
privileges. These privileges depend on the operating system and are described
below.
In
WebSphere Application Server Version 6.1, you can use an internally-generated
server ID because the Security WebSphere Common Configuration Model (WCCM)
model contains a new tag, internalServerId. You do not need to specify a server
user ID and a password during security configuration except in a mixed-cell
environment. See Administrative roles and naming service authorization for
more detailed information about the new internal server ID.
When
a local operating system registry is chosen, the started task identity is
chosen as the server identity. A user ID and password are not required to
configure the server.
When you set up a user registry for WebSphere Application
Server, the System Authorization Facility (SAF) works in conjunction with
the user registry to authorize applications to run on the server. For more
information on the SAF capabilities, see System Authorization Facility user registries. Complete the following steps
to configure additional properties that are associated with the local OS user
registry and SAF configuration.
The following steps are needed to
perform this task initially when setting up security for the first time.
For any changes in this panel to be effective, you need to save, stop, and start all the product servers, including deployment managers, nodes and application servers. If the server comes up without any problems, the setup is correct.
After completed these steps, you have configured WebSphere Application Server to use the local operating system registry to identify authorized users.
Complete any remaining steps for enabling security. For more information, see Enabling security.
In this information ...Subtopics
Related concepts
Related tasks
Selecting a registry or repository Related reference
| IBM Redbooks, demos, education, and more |