Planning security
When planning WSRR security, you must consider the security of the WSRR application in WebSphere® Application Server, and the configuration of WSRR access control policies.
There are two separate aspects of security that you must consider
when planning to install and deploy WSRR:
- Application security in WebSphere Application Server
- Application security is configured by using J2EE roles that control both administrative and
non-administrative access to the WSRR application. During WSRR deployment, you can supply the names
of users and groups that are to have access to the WSRR application; the deployment process then
automatically maps those users and groups to the correct J2EE roles in WebSphere Application Server. The deployment process does not enable
application security automatically, but if you enable application security in WebSphere Application Server before deploying WSRR, then on completion of
WSRR deployment, your application security will be fully configured.
If you install with application security turned off, be aware that you must take special steps to ensure that the dashboard works correctly, see Configuring an unsecure WebSphere Application Server to work with the dashboard, web UI, and BIRT reports. You must also perform these steps if you configure a secure WSRR without SSL.
- Access control policy configuration in WSRR
- You use WSRR access control policies to define the permissions that specified users and groups have to perform actions on objects in WSRR. You configure WSRR access control policies after you have completed the installation and deployment of WSRR.
Further guidance on these considerations is available as technotes from the WSRR support site at http://www.ibm.com/software/integration/wsrr/support/.
WSRR security planning considerations are described in further detail in the following subtopics: