Access to UDDI registry interfaces is controlled by a combination of Java™ Platform, Enterprise Edition (Java™ EE) declarative security that uses role mappings, and UDDI properties and policies, such as registering users as UDDI publishers.

| UDDI registry interface | Security role |
|---|---|
| Version 3 SOAP inquiry | V3SOAP_Inquiry_User_Role |
| Version 3 SOAP publish | V3SOAP_Publish_User_Role |
| Version 3 SOAP custody transfer | V3SOAP_CustodyTransfer_User_Role |
| Version 3 SOAP security | V3SOAP_Security_User_Role |
| Version 3 GUI inquiry | GUI_Inquiry_User |
| Version 3 GUI publish | GUI_Publish_User |
| Versions 1 and 2 SOAP inquiry | SOAP_Inquiry_User |
| Versions 1 and 2 SOAP publish | SOAP_Publish_User |
| EJB inquiry | EJB_Inquiry_Role |
| EJB publish | EJB_Publish_Role |

By default, the inquiry roles are mapped to the Everyone special subject and the non-inquiry roles are mapped to the AllAuthenticatedUsers special subject. With these default settings, after you enable WebSphere® Application Server security, the UDDI registry inquiry interfaces can be used without authentication. However, to use the publish roles and the Version 3 custody transfer role, you must be authenticated using a WebSphere Application Server user ID and password. The Version 3 security role is a special case, because it uses UDDI registry security instead of WebSphere Application Server security, and it must be specially configured.
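As an added example (not IBM's code), the following Python script audits a role-mapping listing against the defaults described above and reports any non-inquiry role that has been granted to Everyone. The listing layout, `SAMPLE`, `parse_mappings` and `audit` are assumptions made for illustration; V3SOAP_Security_User_Role is excluded because it is configured separately.

```python
import re

# Roles from the table above, grouped by the default mapping the page describes.
INQUIRY = {"V3SOAP_Inquiry_User_Role", "GUI_Inquiry_User",
           "SOAP_Inquiry_User", "EJB_Inquiry_Role"}
AUTH_ONLY = {"V3SOAP_Publish_User_Role", "V3SOAP_CustodyTransfer_User_Role",
             "GUI_Publish_User", "SOAP_Publish_User", "EJB_Publish_Role"}

# Constructed sample. The "Field:  value" layout is an assumed listing format,
# not output captured from a real server.
SAMPLE = """\
Role:  V3SOAP_Inquiry_User_Role
Everyone?:  Yes
All authenticated?:  No

Role:  SOAP_Publish_User
Everyone?:  Yes
All authenticated?:  No

Role:  EJB_Publish_Role
Everyone?:  No
All authenticated?:  Yes
"""

def parse_mappings(text):
    """Parse blank-line separated records into {role: {field: value}}."""
    roles = {}
    for record in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in record.splitlines():
            key, sep, value = line.partition(":")
            if sep:  # normalise "Everyone?" to "everyone"
                fields[key.strip().rstrip("?").lower()] = value.strip()
        if "role" in fields:
            roles[fields.pop("role")] = fields
    return roles

def audit(roles, expected=INQUIRY | AUTH_ONLY):
    """Return (role, finding) pairs; an empty list means nothing to review."""
    findings = []
    for name in sorted(expected):
        mapping = roles.get(name)
        if mapping is None:
            findings.append((name, "not in listing"))
        elif name in AUTH_ONLY and mapping.get("everyone", "").lower() == "yes":
            findings.append((name, "non-inquiry role granted to Everyone"))
    return findings

if __name__ == "__main__":
    for role, finding in audit(parse_mappings(SAMPLE)):
        print(f"{role}: {finding}")
```

Inquiry roles mapped to Everyone are not reported, because that is the documented default.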
In accordance with the UDDI specification, an additional access control applies to entities that are published to the UDDI registry: only the user who originally published an entity can update or delete it.
The UDDI registry also provides some management interfaces that are protected because they require administrative permissions for certain operations.