File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Websphere and the fly likes WebSphere Security Settings Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "WebSphere Security Settings" Watch "WebSphere Security Settings" New topic
Author

WebSphere Security Settings

Alana Sparx
Ranch Hand

Joined: Feb 14, 2006
Posts: 121
I need to enable security on WSAD 5.1.2 via the Admin Consol.

I take it I first need to 'log-in' via one of the user registries? If I am not on one of these registries, how can I be included in them? Or, do I need the userId and Password of the fellow who installed the app server to do any of this?

Currently, when I try and set Global Security I get the error message
'Validation failed for user xyz. Please try again....'

Any help would be most appreciated.

As
Ryan Zezeski
Greenhorn

Joined: Mar 13, 2005
Posts: 29
Originally posted by Alana Sparx:
I need to enable security on WSAD 5.1.2 via the Admin Consol.

I take it I first need to 'log-in' via one of the user registries? If I am not on one of these registries, how can I be included in them? Or, do I need the userId and Password of the fellow who installed the app server to do any of this?

Currently, when I try and set Global Security I get the error message
'Validation failed for user xyz. Please try again....'

Any help would be most appreciated.

As




Sounds like the credentials you are passing are not in the User Registry. Tell you admin that you need your credentials added to the user registry. If you don't really have an admin then you need to figure out what type of user registry you are using and add your credentials; whether it be Local OS, LDAP, etc.

To figure out the security settings you could temporarily goto <WAS ROOT>/config/cells/<CELL NAME>/security.xml and search for the first occurence of enabled and set it to false. Save the file and bounce all servers. Global security will now be turned off and you can check what type of user regiestry you are using.


Java has 99 problems but a pointer ain't one
Alana Sparx
Ranch Hand

Joined: Feb 14, 2006
Posts: 121
Thanks foe the reply, Ryan.

Global Security is currently turned off - what I'm trying to do is switch it on, but the original username/passwords have been lost.

So, I need to
a) figure out which user registry is being used - if it on the localOS, can i easily get a look at this (I'm expecting a guffaw followed by a strong !NO!' to this, but hey, I'm desperate). If its LDAP, i suppose I'm in a bit of a pickle?

b) one I have the log in details I can 'log-in' to the appropriate registry, and then have the permissions to tamper with the as yet non-existent security setting?

Any ideas where the localOS registry might be? Or are we talking lengths of string here?

Thanks again
Ryan Zezeski
Greenhorn

Joined: Mar 13, 2005
Posts: 29
Originally posted by Alana Sparx:
Thanks foe the reply, Ryan.

Global Security is currently turned off - what I'm trying to do is switch it on, but the original username/passwords have been lost.

So, I need to
a) figure out which user registry is being used - if it on the localOS, can i easily get a look at this (I'm expecting a guffaw followed by a strong !NO!' to this, but hey, I'm desperate). If its LDAP, i suppose I'm in a bit of a pickle?

b) one I have the log in details I can 'log-in' to the appropriate registry, and then have the permissions to tamper with the as yet non-existent security setting?

Any ideas where the localOS registry might be? Or are we talking lengths of string here?

Thanks again


I'm having a hard time understanding everything you saying, but it seems to me you either:

a) Have an external LDAP user registry somewhere and forgot or don't know any of the credentials in it. If so I would ask your admin or the previous person to setup WAS security.

b) WAS security has not been setup before and you have no user registry and are trying to figure out what to do.



LocalOS simply uses your Operating System user registry. I personally have only used a Sun ONE LDAP registry. So if the machine you have WAS installed on has a user called Joe with a password of "Password" you should be able to use that username/password, and WAS will check credentials against the OS registry.

As for LDAP there are a slew of LDAP servers WAS supports out of the box. I personally have only used Sun ONE and don't remember setting it up. However I made a user called "websphere" and used that as my login user.

You can also setup custom registries but I have no clue how to do that.

Once again, if you actually already have a user registry created somewhere, ans just forgot the credentials then you need to ask you admin or whoever created it. If you don't have a registry at all then you need to create one.

IBM info-ceter documentation for Local OS:
http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//topic/com.ibm.websphere.base.doc/info/aes/ae/csec_localos.html

IBM info-center documentation for LDAP:
http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//topic/com.ibm.websphere.base.doc/info/aes/ae/csec_ldap.html
 
wood burning stoves
 
subject: WebSphere Security Settings