You can customize security to some extent at the application server level. You can disable user security on an application server; administrative security remains enabled when global security is enabled. When global security is disabled, you cannot enable application server security.
You can also modify Java 2 Security Manager, Authentication
Mechanism, and some of the other security attributes that are found on the
Global security panel. Global security is also called cell-level security.
You cannot configure a different authentication mechanism or user registry
on an individual server basis. This feature is limited to cell-level configuration
only.
By default, server security inherits all of the values that are configured for cell-level security. To override the cell-level security configuration at the server level, click Servers > Application Servers > server_name. Under Security, click Server Security > Additional properties and click any of the following panels:
For more information, see Server and global security.
After you modify the configuration for a particular application server, you must restart the application server for the changes to become effective. To restart the application server, go to Servers > Application servers and click the server name that you recently modified. Click Stop and then Start.
If you disabled security for the application server, you can typically test a Web address that is protected when security is enabled.
One URL that usually is installed when the DefaultApplication
during installation is the snoop application. If the DefaultApplication is
installed on the application server, test that security is disabled by going
to the following URL: http://host.domain:9080/snoop. If security
is disabled, a prompt does not display. This URL is just one method of validating
the configuration. Validate that the configuration is appropriate for your
applications.
In this information ...Subtopics
Related tasks
| IBM Redbooks, demos, education, and more(Index) |