Securing specific application servers
You can customize security to some extent at the application server level. You can disable administrative security on an application server.
Before you begin

You can also modify Java™ 2 Security and some of the other security attributes that are found on the Global security panel. This panel provides access to the cell-level security settings. You cannot configure a different authentication mechanism or user registry on an individual server basis. This feature is limited to cell-level configuration only.
By default, server security inherits all of the values that are configured for cell-level security. To override the cell-level security configuration at the server level, click Servers > Application Servers > server_name. Under Security, click Server Security and click any of the following links:
- CSIv2 inbound authentication
- CSIv2 outbound authentication
- CSIv2 inbound transport
- CSIv2 outbound transport
SAS inbound transport
SAS outbound transport
z/SAS authentication
- Server-level security
![[AIX Solaris HP-UX Linux Windows]](../images/dist.gif)
![[IBM i]](../images/iseries.gif)
![[z/OS]](../images/ngzos.gif)
- Security settings for this server override cell setting
- RMI/IIOP security for this server overrides cell settings
- SAS security for this server overrides cell settings
![[z/OS]](../images/ngzos.gif)
- Local identity
- Remote identity
- Sync to thread allowed
For more information,
see Server and administrative security.
Procedure
What to do next
After you modify the configuration for a particular application server, you must restart the application server for the changes to become effective. To restart the application server, go to Servers > Application servers and click the server name that you recently modified. Click Stop and then Start.
If you disabled security for the application server, you can typically test a web address that is protected when security is enabled.
One URL that usually is installed when the
DefaultApplication during installation is the snoop application. If
the DefaultApplication is installed on the application server, test
that security is disabled by going to the following URL: http://host.domain:9080/snoop.
If security is disabled, a prompt does not display. This URL is just
one method of validating the configuration. Validate that the configuration
is appropriate for your applications.