IBM WebSphere - Administrative Security

In WebSphere admin console, expand Security and select Global security to determine if administrative security is enabled.

When creating a profile, if the -enableAdminSecurity, -adminUserName, and -adminPassword options were not used, administrative security will not be enabled.

 

When administrative security is not enabled, you will be able to sign into the web console simply by pressing Log in without having to provide a username.

 

To require users to provide a username and password to access the WebSphere web console, select a user account registry and create a primary administrative user account, enable administrative security, select save, and then sign out of the web console. It is noteworthy that application security will also be enabled by administrative security is enabled.

 

wsadmin can be used to determine if Global Security is enabled.

~]$ ${WAS_INSTALL_ROOT}/profiles/your_profile/bin/wsadmin.sh -lang jython -c "print AdminTask.isGlobalSecurityEnabled()"
WASX7209I: Connected to process "dmgr" on node node01 using SOAP connector;  The type of process is: DeploymentManager
true

 

wsadmin can be used to enable (true) or disable (false) Global Security. After changing Global Security, you would need to restart the deployment manager for this change to take effect.

~]$ ${WAS_INSTALL_ROOT}/profiles/your_profile/bin/wsadmin.sh -lang jython -c "print AdminTask.setGlobalSecurity ('[-enabled false]')"

 

wsadmin can be used to enable Administrative Security. You may want to use -conntype NONE when performing this task.

# jacl
securityon john.doe password

# jython
securityon('john.doe', 'password')

 

Restart the application server or dmgr, and you should now be required to provide a username and password to be able to sign into the web console.



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.





Please enter 7870b in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |