Migrating, coexisting, and interoperating – Security considerations

Use this topic to migrate the security configuration of previous WebSphere® Application Server releases and its applications to the new installation of WebSphere Application Server.

Before you begin

This information addresses the need to migrate your security configurations from a previous release of IBM® WebSphere Application Server to WebSphere Application Server Version 7.0 or later. Complete the following steps to migrate your security configurations:

  • If security is enabled in the previous release, obtain the administrative server ID and password of the previous release. This information is needed in order to run certain migration jobs.
  • You can optionally disable security in the previous release before migrating the installation. No logon is required during the installation.

Procedure

Follow the steps in "Migrating product configurations".

Results

The security configuration of previous WebSphere Application Server releases and its applications are migrated to the new installation of WebSphere Application Server Version 7.0.

What to do next

If a custom user registry is used in the previous version, the migration process does not migrate the class files that are used by the standalone custom registry in the previous app_server_root/classes directory. Therefore, after migration, copy your custom user registry implementation classes to the app_server_root/classes directory.

If you upgrade from WebSphere Application Server, Version 5.x to WebSphere Application Server Version 7.0, the data that is associated with Version 5.x trust associations is not automatically migrated. To migrate trust associations, see Migrating trust association interceptors.

If the previous version instance is configured to enable secure connections using digital certificates that are signed by the Digital Certificate Manager (DCM) local certificate authority, those certificates must be renewed. For example, they must be renewed for the previous version instance, the WebSphere Application Server Version 7.0 profile, and all of the Secure Socket Layer-enabled clients and servers that connect to WebSphere Application Server. For more information, see SSL handshake failure using digital certificates signed by a Digital Certificate Manager (DCM) local certificate authority.

IBM i *SYSTEM certificate stores for applications are deprecated in WebSphere Application Server Version 5. In WebSphere Application Server Version 7.0, you must migrate your applications to use Java™ keystores.

The os400.security.password.validation.list.object property is profile-dependent. If you are migrating from Version 5, see Migrating Java thin clients that use the password encoding algorithm for instructions on how to migrate your client configuration.




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Oct 21, 2010 3:36:59 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-express-iseries&topic=tsecmigrate
File name: tsec_migrate.html