This blog was generated by our twitter following. Join us to stay up to date on the latest Rational Automation Framework information. www.twitter.com/raf_WebSphere
Global Security within WebSphere allows for two different login options.
Global Security Disabled – Anyone can log into WebSphere without being prompted for a password. Anyone can start/stop and make configuration changes that would typically require a userName and passWord.
Global Security Enabled – This requires an individual to login to the WebSphere environment. Upon stopping/starting and other config changes, the user will be promoted for a set of credentials.
When getting started with Rational Automation Framework, you have two options.
Create a New WebSphere Cell – When the intention is to install WebSphere using RAF.
Read an Existing Cell Configuration – When a configured environment already exists and is brought into RAF to be managed.
When Enabling Global Security in the creation of a new WebSphere cell. You are given a drop down, asking whether to Enable Security. Yes or No.
If the answer is No. The predefined list of required fields does not change. See Below.
If Enable Security is set to Yes. The predefined list of required fields changes. See Below
The fields change requiring a WebSphere Administrative User and a WebSphere Administrator Password. These fields are the required fields used when attempting to login to the target system and for RAF to access the WebSphere DMGR. After the environment has been generated, the text for the fields is stored in the RAF_HOME/user/environments/<environmentName>/Cell/cellName/configuration.properties
The fields are stored above the OS userName and OS passWord. See Below
When the fields are not selected. The Global Security Information is not filled out. See Below
If the global security was enabled, but is now currently turned off, or was not enabled but now is.
Navigate to the Node scope. Find the DMGR Node and select the install.properties file. Inside this properties file there is a value. See below:
# turn on security by default
If the security enabled is true, then the WAS_USERNAME and WAS_PASSWORD from the configuration.properties will be used. If the value is set to false, they will not be used. If there are values for WAS_USERNAME and WAS_PASSWORD. There is no need to remove the values when turning on or off Global Security. Just change the Enable_Security_At_Creation = T/F.
When reading an existing cell configuration, RAF ask for the WebSphere username and password. If security is enabled, enter the correct credentials. If security is not enabled, you can enter whatever you would like into the fields. But I do believe they are required. This can pose a problem later on.
What if you read an existing cell, enter in the WebSphere userName and passWord as Hello and Hello. Then security is enabled later, and the values for WebSphere are wsadmin/wsadmin?
When reviewing the the configuration.properties files. You may have noticed how the passwords are encrypted. RAF will recognize a plain text password and encrypt it automatically. Thus, changing the encrypted password is not difficult to do in the event security has been enabled later on. Example below
CHANGE THE VALUES
THE VALUES WILL BE ENCRYPTED THE NEXT TIME AN ACTION IS RAN
NOTE: Don't forget to set the install.properites security value to true/false as well.
That is all I can think of regarding Global Security. If there is something else you would like to know. Tweet it to use at www.twitter.com/raf_WebSphere and we will do our best to answer your questions.