Security

Configuration of global security settings for a managed domain.



Attributes Summary
useLocalSecurityServer : booleanSpecifies whether an application server should uses a locla instance of security server or to use the security server in the node agent on the local node, on a remote node, or in cell manager, in that order.
useDomainQualifiedUserNames : booleanWhen true, user names returned by getUserPrincipal()-like calls, will be qualified with the security domain they reside within.
enabled : booleanWhether global security is enabled.
cacheTimeout : intNumber of milliseconds after which the authentication cache will be refreshed.
issuePermissionWarning : booleanIf enabld, warning will be issued during application installation if an application requires some Java 2 Permission's that normally should not be granted to applications.
allowAllPermissionForApplication : booleanNot in use.
activeProtocolSpecifies active IIOP security authentication protocol when security is enabled.
enforceJava2Security : booleanWhen set to true, WebSphere will enforce Java 2 Security permission checking.
enableJava2SecRuntimeFiltering : booleanEnable Java 2 Security Permission runtime filtering.
enforceFineGrainedJCASecurity : booleanEnable fine grained access control when looking up user id and password using the WSPrincipalMappingLoginModule in a programatic JAAS login in application code.
activeAuthMechanism : AuthMechanism@ The authentication mechanism that will be used when WebSphere Application Server security is enabled.
authMechanisms : AuthMechanism * A list of authentication mechanisms configured in the system.
userRegistries : UserRegistry * The configuration for a registry of users defined in the system.
activeUserRegistry : UserRegistry@ Specifies the active User Registry when security is enabled.
authConfig : AuthorizationConfigNot in use.
applicationLoginConfig : JAASConfigurationSpecifies a list of JAAS login configuration to be used by application code including EJBs, JSPs, Servlets, and Resource Adpapters.
CSI : IIOPSecurityProtocolSpecifies configuration of the OMG CSIv2 security protocol.
IBM : IIOPSecurityProtocolSpecifies configuration of the IBM SAS security protocol that is used by WebSphere 3.
repertoire : SSLConfig * Specifies a list of SSL configurations.
systemLoginConfig : JAASConfigurationSpecifies a list of JAAS login configuration to be used by system resources including authentication mechanism and principal and credential mapping.
authDataEntries : JAASAuthData * Specifies a list of userid and password for use by Java 2 Connector default principal mapping module and by DataSource.
defaultSSLSettings : SSLConfig@ Specify a configuration for using Secure Sockets Layer (SSL) support, such as the security level and whether SSL support is enabled.
authorizationTableImpl : AuthorizationTableImplNot used and may be removed in a future release.
roleBasedAuthorization : RoleBasedAuthorization * Specifies a list of system components that use the generalized Role Based Authorization for access control.
properties : Property * One usage of the properties list is for backward compatibility with previous releases of WebSphere products.

Attribute Details

useLocalSecurityServer    -    Specifies whether an application server should uses a locla instance of security server or to use the security server in the node agent on the local node, on a remote node, or in cell manager, in that order.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



useDomainQualifiedUserNames    -    When true, user names returned by getUserPrincipal()-like calls, will be qualified with the security domain they reside within.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



enabled    -    Whether global security is enabled. When security is not enabled, all other security settings are ignored.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



cacheTimeout    -    Number of milliseconds after which the authentication cache will be refreshed. Caching can improve performance with respect to authorization lookups.
     data type:  int
     default Value:   unspecified



issuePermissionWarning    -    If enabld, warning will be issued during application installation if an application requires some Java 2 Permission's that normally should not be granted to applications. The filter.policy file contains a list of permissions that applications should not have according to J2EE 1.3 Specification.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



allowAllPermissionForApplication    -    Not in use. May be removed in a future release.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



activeProtocol    -    Specifies active IIOP security authentication protocol when security is enabled. Possible values are CSI (CSIv2), IBM, or BOTH.
     data type: 
     default Value:   unspecified



enforceJava2Security    -    When set to true, WebSphere will enforce Java 2 Security permission checking. When set to false, WebSphere Java 2 Security Manager will not be installed and all Java 2 Security permission checking is disabled.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



enableJava2SecRuntimeFiltering    -    Enable Java 2 Security Permission runtime filtering. Runtime filtering is enabled by default. It is strongly recommended not to disable runtime permission filtering.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



enforceFineGrainedJCASecurity    -    Enable fine grained access control when looking up user id and password using the WSPrincipalMappingLoginModule in a programatic JAAS login in application code.
     data type: boolean
     default Value:   unspecified
     Allowed Values:  true   false  



activeAuthMechanism    -    The authentication mechanism that will be used when WebSphere Application Server security is enabled.
     data type: AuthMechanism@



authMechanisms    -    A list of authentication mechanisms configured in the system. Only one of the authentication mechanisms can be active in the system at a time.
     data type: AuthMechanism*



userRegistries    -    The configuration for a registry of users defined in the system. There may many types of user registries. User registry configuration is required at the time that sercurity configuration is enabled. The default type of user registry is Local Operating System (because the default authentication mechanism is LocalOSAuthentication).
     data type: UserRegistry*



activeUserRegistry    -    Specifies the active User Registry when security is enabled.
     data type: UserRegistry@



authConfig    -    Not in use. Reserved by IBM for Future Use.
     data type: AuthorizationConfig



applicationLoginConfig    -    Specifies a list of JAAS login configuration to be used by application code including EJBs, JSPs, Servlets, and Resource Adpapters.
     data type: JAASConfiguration



CSI    -    Specifies configuration of the OMG CSIv2 security protocol.
     data type: IIOPSecurityProtocol



IBM    -    Specifies configuration of the IBM SAS security protocol that is used by WebSphere 3.x and 4.x application server products.
     data type: IIOPSecurityProtocol



repertoire    -    Specifies a list of SSL configurations.
     data type: SSLConfig*



systemLoginConfig    -    Specifies a list of JAAS login configuration to be used by system resources including authentication mechanism and principal and credential mapping.
     data type: JAASConfiguration



authDataEntries    -    Specifies a list of userid and password for use by Java 2 Connector default principal mapping module and by DataSource.
     data type: JAASAuthData*



defaultSSLSettings    -    Specify a configuration for using Secure Sockets Layer (SSL) support, such as the security level and whether SSL support is enabled.
     data type: SSLConfig@



authorizationTableImpl    -    Not used and may be removed in a future release.
     data type: AuthorizationTableImpl



roleBasedAuthorization    -    Specifies a list of system components that use the generalized Role Based Authorization for access control.
     data type: RoleBasedAuthorization*



properties    -    One usage of the properties list is for backward compatibility with previous releases of WebSphere products.
     data type: Property*


Copyright IBM Corp. 1997-2004