InfoCenter Home > 6.6.0.2.2.3.11: Setting global security defaultsThe wscp SecurityConfig operations can be used to do the following:
They cannot be used to configure security for individual applications or components. Modifying security propertiesBefore enabling security, you must make the following modifications to the product_installation_root/properties/sas.client.props file: com.ibm.CORBA.loginSource=properties com.ibm.CORBA.loginUserId=userID com.ibm.CORBA.loginPassword=password where userID is a valid userID and password is the corresponding password. The sas.client.props file specifies login information for both the administrative console and wscp. However, you can set up wscp to use a different login mechanism than the administrative console --for instance, you can set up wscp for a programmatic login and the console for an interactive login. Do the following:
See 6.6.0.2.2.2.3: Authenticating to the administrative server for more information about enabling security. Security configuration examplesThe following example command checks whether security is enabled: wscp> SecurityConfig isSecurityEnabled Return values are:
The following example command enables security for all applications: wscp> SecurityConfig enableSecurity The following example command disables security for all applications: wscp> SecurityConfig disableSecurity The following example command returns the current authentication mechanism for security: wscp> SecurityConfig getAuthenticationMechanism Possible return values are:
The following example command returns the user ID that can be used in local operating system (LOCALOS) authentication: wscp> SecurityConfig getUserid {tym} The following example command sets the authentication method to that of the local operating system and authenticates to the user tym: wscp> SecurityConfig setAuthenticationMechanism LOCALOS -userid {tym tympwd} The system uses the operating system's existing security repository. The administrative server must be restarted for the change to take effect. The following example command displays information about how SSL is configured in WebSphere Application Server: wscp> SecurityConfig getSSLConfig {{TrustFileName ${WAS_HOME}/etc/ServerTrustFile.jks} {TrustFilePassword WebAS} {KeyFileName ${WAS_HOME}/etc/ServerKeyFile.jks} {KeyFilePassword WebAS} {KeyFileFormat 0} {TrustFileFormat 0} {ClientAuthentication false} {UseGlobalDefaults true} {SecurityLevel 0} {CryptoHardwareEnabled false} {CryptoTokenType {}} {CryptoLibraryFile {}} {CryptoPassword {}} {SSLProperties {}}} The following example command sets various SSL configuration parameters: wscp> SecurityConfig setSSLConfig {{ClientAuthentication true} {KeyFileName ${WAS_HOME}/etc/NewKey.jks} {KeyFilePassword serverAS}} |
| ||
|