Realm configuration settings

Use this page to manage the realm. The realm can consist of identities in the file-based repository that is built into the system, in one or more external repositories, or in both the built-in, file-based repository and one or more external repositories.

To view this administrative console page, complete the following steps:
  1. In the administrative console, click Security > Global security.
  2. Under User account repository, select Federated repositories from the Available realm definitions field and click Configure.

When you finish adding or updating your federated repository configuration, go to the Security > Global security panel and click Apply to validate the changes.

A single built-in, file-based repository is built into the system and included in the realm by default.

You can configure one or more Lightweight Directory Access Protocol (LDAP) repositories to store identities in the realm. Click Add base entry to realm to specify a repository configuration and a base entry into the realm. You can configure multiple different base entries into the same repository.

Click Remove to remove selected repositories from the realm. Repository configurations and contents are not destroyed. The following restrictions apply:

WebSphere® Application Server Version 7.0 distinguishes between the user identities for administrators who manage the environment and server identities for authenticating server to server communications. In most cases, server identities are automatically generated and are not stored in a repository.

Realm name

Specifies the name of the realm. You can change the realm name.

Primary administrative user name

Specifies the name of the user with administrative privileges that is defined in the repository, for example, adminUser.

The user name is used to log on to the administrative console when administrative security is enabled. Version 6.1 requires an administrative user that is distinct from the server user identity so that administrative actions can be audited.
Attention: In WebSphere Application Server, Versions 5.x and 6.0.x, a single user identity is required for both administrative access and internal process communication. When migrating to Version 6.1, this identity is used as the server user identity. You need to specify another user for the administrative user identity.

Automatically generated server identity

Enables the application server to generate the server identity, which is recommended for environments that contain only Version 6.1 or later nodes. Automatically generated server identities are not stored in a user repository.

Default: Enabled

Server identity that is stored in the repository

Specifies a user identity in the repository that is used for internal process communication. Cells that contain Version 5.1 or 6.0.x nodes require a server user identity that is defined in the active user repository.

Default: Enabled

Ignore case for authorization

Specifies that a case-insensitive authorization check is performed.

If case sensitivity is not a consideration for authorization, enable the Ignore case for authorization option.

Base entry

Specifies the base entry within the realm. This entry and its descendents are part of the realm.

Repository identifier

Specifies a unique identifier for the repository. This identifier uniquely identifies the repository within the cell.

Repository type

Specifies the repository type, such as File or LDAP.




Related tasks
Managing the realm in a federated repository configuration
Related reference
Lightweight Directory Access Protocol repository configuration settings
Reference topic    

Terms of Use | Feedback

Last updated: Oct 21, 2010 3:36:59 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-express-iseries&topic=uwim_realmsettings
File name: uwim_realmsettings.html