|You must secure your WebSphere Application Server so that
every user accessing the web application will be authenticated by their
company LDAP identity. Otherwise, all users logging onto the web
application would be able to access the application without entering a
username and password. They will also arrive in the application with the
There are several mechanism for securing the WAS, for example:
This scenario illustrates authentication against an LDAP directory.
This task requires input relative to an LDAP user which must already exist in the LDAP directory and must have been created with specific rights. In our scenario, we used the wpsadmin user set up earlier when configuring a typical LDAP server. You will be prompted to enter this user id and password when you later start the WebSphere Administrative Console.
For detailed information about this LDAP user, refer to Configuring and Customizing the LDAP Repository.
To secure your WebSphere Application Server, two alternative methods are available:
|For this task, you will need the following:
Securing the WebSphere Application Server Using the Security Tab
Once that you have started the Deployment Wizard for V5 Web Applications as described in Creating the Enterprise Archive File:
Checking Security Using the WebSphere Administrative Console
Once you have secured the WAS using the Security tab in the Deployment Wizard for V5 Web Applications, you can then start the WebSphere Administrative Console and follow the instructions below to check that the WAS has been correctly secured.
Note: this is not mandatory. All necessary security customizations are performed automatically by your settings in the Security tab. You should not have to perform any manual edits in the console.
Restarting the WebSphere Application Server with Security Activated
At this stage, the WebSphere Application Server is still running without security.