Job manager security

When performing a job manager registration process there are a number of WebSphere® Application Server security impacts to consider.

New feature: In this release of WebSphere Application Server, a new style of system management called flexible management has been introduced. It differs from the existing style of synchronous invocation and response calls through wsadmin or Java™ APIs by offering an asynchronous job queuing mechanism for administration purposes. At the core of flexible management is a new administrative process called the job manager. You can make both application servers registered to administrative agents and deployment manager servers known to the job manager through a registration process. After you register the servers, you can queue administrative jobs directed at the application servers or deployment managers through the job manager. You can submit these jobs to a large number of servers over a geographically dispersed area. There are a number of security considerations you must keep in mind both during and after the job manager registration process.newfeat

Consider the following:

The required administrative roles for executing flexible management jobs are defined by the underlying administrative commands used by those jobs. For example, the required role for starting and stopping servers is the operator role. The operator role is also required for execution of the flexible management jobs that start and stop servers. The general rules for assigning required administrative roles are:




Related concepts
RSA token authentication mechanism
Lightweight Third Party Authentication
Kerberos (KRB5) authentication mechanism support for security
Job manager
Job manager settings
Related tasks
Configuring the RSA token authentication mechanism
Configuring administrative authentication
Administering nodes remotely using the job manager
Configuring job managers
Related reference
Administrative roles
Job status collection
Concept topic    

Terms of Use | Feedback

Last updated: Oct 20, 2010 7:53:43 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-nd-dist&topic=csec_sec_jobmgr
File name: csec_sec_jobmgr.html