WebSphere Global security Settings

It is a good idea to create separate user groups and users for WebSphere installations. Linux Platform: Group name wasadmin, user name Wasadmin;windows platform: group name is wasadmins, username wasadmin; After the WebSphere V6 installation is complete, log on to the admin console

http://localhost:9060 (console listening port at installation)/admin/, which can be logged to the admin console with any name (including null and without password)

Manage operations. At this point the home page prompts that security is not enabled.

If you want to lock the administration console, only one user is allowed to exercise administrative rights. Can log on to the console (Http://localhost:9060/ibm/console)

Turn on security settings.

(1) Login to the management console, into the "System Management-Console Settings-console Group", add the console group, is the group created before the installation of Linux for the wasadmin,windows on the wasadmins; Remember to save the settings.

(2) into the "System Management-Console settings-console users", add console users, is the previously created WebSphere user. Linux for wasadmin on wasadmin,windows. Save Settings.

(3) to "security-global security" in the security settings. Locate the user registry-local OS for user registration. Server user identity: Wasadmin (same as user name set in step two). Server user password: The user password specified when the Wasadmin user is created in the system. Save Settings.

(4) Now you want to enable global security. Select the Enable global security checkbox to make sure that the Force JAVA2 security is checked out. (Enforced JAVA2 security is enabled when global security is enabled by default.) If you do not have the JAVA2 security (JVM authorization) enabled, the mandatory JAVA2 security is turned on and the service may not start.

Active protocol Default: CSI and SAS; activity authentication mechanism: I use the default simple WebSphere authentication mechanism. If you use LTPA, you will need to set the user password again. I didn't try. Active user registry: Local OS is selected by default. Customization seems to need to write the certification class yourself.

As for LDAP, it seems that the user name to be specified is the username and password in LDAP (AD in 2000, the other is not clear) as to the "use of Federal Information Processing standards (FIPS)" option I did not select.

That's how I configure it. After restarting the server, the console will pop up with an authentication box, point "yes". The console lets you enter a username and password. No 1, 2 steps have been performed during the first few configurations, and the 4th step also selected "Enforce Java2 security" and "use Federal Information Processing standards (FIPS)." To start the service. I don't know which step is the problem.