In addition
to the configuration of UDDI registry security,
other UDDI registry settings can affect the security of the UDDI registry.
Some UDDI property and policy settings can affect the
security
of a UDDI registry. Other UDDI settings are not specific to security,
but can place restrictions on the successful completion of publish
requests.
Security settings
UDDI registry
interfaces
are protected, as detailed in Access
control for UDDI registry interfaces.
The UDDI registry
supports the use of XML Digital Signatures to sign UDDI entities.
See the topic about digital signatures and the UDDI registry.
Some
UDDI property and policy settings can affect the security of a UDDI
registry.
To review or change the following property settings,
click .
- Key space requests require digital signature
- Specifies
whether all tModel:keyGenerator requests for key space
must be digitally signed. To understand key space, see the topic about
UDDI registry Version 3 entity keys.
- Use
authInfo credentials if provided
- Specifies that the UDDI registry
uses the UDDI Version 3 security
features. This setting applies only when WebSphere® Application Server security is
disabled. See Configuring UDDI
Security with WebSphere Application
Server security disabled.
- Authentication
token expiry period
- Specifies the length of idle time (in
minutes) allowed before
an authentication token is no longer valid.
- Default
user name
- Specifies the name to use for publish operations
when WebSphere Application
Server
security is disabled and no authentication token data is supplied.
To review or change the following policy settings,
click .
- Authorization
for inquiry
- Specifies whether authorization that uses authentication
tokens is
required for inquiry API requests.
- Authorization
for publish
- Specifies whether authorization that uses authentication
tokens is
required for publish API requests.
- Authorization
for custody transfer
- Specifies whether authorization that
uses authentication tokens is
required for custody transfer API requests.
These
policy settings apply when UDDI security features
are used and WebSphere Application
Server security is enabled. If the UDDI service is mapped to the AllAuthenticatedUsers
security role, these settings are overridden. See
Configuring UDDI Security with WebSphere Application Server
security enabled.
Additional settings
The
publish-related
actions that a registered UDDI publisher can undertake are defined
by their entitlements, as described in UDDI registry user entitlements.
Some
UDDI property and keying policy settings influence publish behavior.
These settings are not specific to security, but you must consider
them because they place restrictions on the successful completion
of publish requests.
To review or change the following property
settings, click .
- Automatically register UDDI publishers
- Specifies that the UDDI registry requires that publisher entitlements
are set before allowing any publish requests. This option automatically
registers users with default entitlements.
If you do not select
this option, you can register users as UDDI publishers, and specify
their entitlements, by using the UDDI publisher settings.
- Use tier limits
- Specifies that publication
tier limits are enforced.
If you
select this option, one or more tiers must be configured by using
the
UDDI Tier settings. Also, ensure that registered UDDI Publishers are
assigned to a tier by using the UDDI publisher settings.
To review or change the following property setting,
click .
- Registry
key generation
- Specifies that publishers can request key space
and, if successful,
publish with publisher-assigned keys.