UDDI registry security and UDDI registry settings
In addition to the configuration of UDDI registry security, other UDDI registry settings can affect the security of the UDDI registry.
Some UDDI property and policy settings can affect the security of a UDDI registry. Other UDDI settings are not specific to security, but can place restrictions on the successful completion of publish requests.
Security settings
UDDI registry interfaces are protected, as detailed in Access control for UDDI registry interfaces.
The UDDI registry supports the use of XML Digital Signatures to sign UDDI entities. See the topic about digital signatures and the UDDI registry.
Some UDDI property and policy settings can affect the security of a UDDI registry.
- Key space requests require digital signature
- Specifies whether all tModel:keyGenerator requests for key space must be digitally signed. To understand key space, see the topic about UDDI registry Version 3 entity keys.
- Use authInfo credentials if provided
- Specifies that the UDDI registry uses the UDDI Version 3 security features. This setting applies only when WebSphere® Application Server security is disabled. See Configuring UDDI Security with WebSphere Application Server security disabled.
- Authentication token expiry period
- Specifies the length of idle time (in minutes) allowed before an authentication token is no longer valid.
- Default user name
- Specifies the name to use for publish operations when WebSphere Application Server security is disabled and no authentication token data is supplied.
- Authorization for inquiry
- Specifies whether authorization that uses authentication tokens is required for inquiry API requests.
- Authorization for publish
- Specifies whether authorization that uses authentication tokens is required for publish API requests.
- Authorization for custody transfer
- Specifies whether authorization that uses authentication tokens is required for custody transfer API requests.
Additional settings
The publish-related actions that a registered UDDI publisher can undertake are defined by their entitlements, as described in UDDI registry user entitlements.
Some UDDI property and keying policy settings influence publish behavior. These settings are not specific to security, but you must consider them because they place restrictions on the successful completion of publish requests.
- Automatically register UDDI publishers
- Specifies that the UDDI registry requires that publisher entitlements
are set before allowing any publish requests. This option automatically
registers users with default entitlements.
If you do not select this option, you can register users as UDDI publishers, and specify their entitlements, by using the UDDI publisher settings.
- Use tier limits
- Specifies that publication
tier limits are enforced.
If you select this option, one or more tiers must be configured by using the UDDI Tier settings. Also, ensure that registered UDDI Publishers are assigned to a tier by using the UDDI publisher settings.
- Registry key generation
- Specifies that publishers can request key space and, if successful, publish with publisher-assigned keys.