If your WebSphere® Application Server
traditional runtime environment has global security that is enabled, you need to communicate the
administrative settings from your development environment to the runtime server. On the workbench,
you need to specify that security is enabled on the runtime environment, and provide the user name
and password to the secured server. In addition, you need to establish a trust between the
development workbench of this product and the server.
Before you begin
- The WebSphere Application Server traditional runtime
environment is secured. For information on configuring global security:
Important: Applicable to WebSphere
Application Server traditional
About this task
To specify the administrative security settings to a secure
local or remote WebSphere Application
Server:
Procedure
- In the Servers view, double-click your WebSphere Application Server. The server
editor opens.
- Click the Overview tab.
- Expand the Security section.
- Select the Security is enabled
on this server check box. When this check
box is selected, the server entry in the Servers view displays a lock
icon. This icon is an example of a lock icon that displays when security
is enabled for a WebSphere Application
Server V7.0 (
). However, if this check box is cleared, the
remaining security settings are ignored, the server entry in the Servers
view displays a warning icon, and the following warning message displays
in the workbench: Warning: The server is not secured. Consider enabling security on the server.
This
icon is an example of a warning icon that displays in the Servers
view when security is disabled for WebSphere Application
Server V7.0 (
).
- In the User ID field and Password fields,
specify the user name and password for the current active administrative
settings that are defined in the server configuration.
The specified user must have the Log
on as service permission.
The specified user must be logged on as root.
- If you are working with a secured WebSphere Application Server, the Automatically
trust server certificate during SSL handshake check box
is by enabled by default.
Each profile
in the WebSphere Application
Server environment contains a unique self-signed certificate that
was created when the profile was created. .
When a profile is federated to a deployment manager, the signer for
that self-signed certificate is added to the common truststore for
the cell. By default, clients (such as the development workbench)
do not trust servers from different profiles in the WebSphere Application Server environment.
That is, they do not contain the signer for these servers.
To help establishing this trust between the
development workbench and the server, verify the Automatically
trust server certificate during SSL handshake check box
is selected. This check box specifies that when the workbench communicates
to an administrative secured WebSphere Application
Server, the server sends a signer certificate to the workbench. If
the certificate is new, the workbench stores the certificate in its
truststore file.
If the Automatically trust
server certificate during SSL handshake check box is clear,
the server status of the Servers view displays the server as stopped
and no connection can be made to the server. Make sure that you selected
this check box, otherwise, you must manually establish the trust between
the workbench and the administrative secured WebSphere Application Server, see Manually
exchanging signer certificates to establish a trust between the workbench
and the server topic for details.
- Select File > Save to save the changes
in the server editor.
Results
Note: When you are enabling administrative security for a
server, do not give it a user ID that has the same name as the server
where WebSphere Application
Server is installed. Otherwise, the server might fail to start.