DB2 Web Service Provider Security (3)

"Guided reading" in this article, we will explain how to enable security for the DB2 Web service Provider application, which includes enabling authentication, setting up authorization, and ensuring that messages are encrypted. We will also explain how WEB service users are mapped to database users.

was set

You can use the WebSphere Management console to configure WebSphere, which is a browser-based tool. If you installed WebSphere by default, its location is http://localhost:9090/admin/. We will enable security, complete the DataSource settings, and eventually deploy the EAR we created. If you are doing this in a WebSphere installation, it is a good idea to use the Backupconfig tool to back up the old work configuration. For information about the tool, see your WebSphere documentation.

The first step is to open security in WebSphere. This enables WebSphere to enforce all security constraints in the Web application. Navigate to the security-> User registries-> the local OS page. Provides a user ID and password that WebSphere can use to connect to the user registry. The default user registry is the operating system, but WebSphere also supports LDAP and the user registry.

Figure 18. Setting the user identity for the OS user registry

Next, navigate to the Security-> Global Security Section and select the Enabled check box, as shown in Figure 19. Make sure that "enforece Java 2 Security" is not enabled. If it is enabled, we will need to configure the Java virtual machine security configuration file with the files it allows to access, such as all DADX files. Also make sure that "User registry" is the default ("local OS"), otherwise these directives will not work.

Figure 19. Enable global security