OAC security

The Financial Transaction Manager Operations and Administration Console (OAC) features a built-in security infrastructure that allows the system administrators to do the following things:
  • Prevent access to the application for unauthenticated users.
  • Prevent unauthorized users from displaying specific data, running certain actions, or both.
  • Prevent the modification of the FTM configuration settings for unauthorized users.

Prerequisites

Ensure that the following prerequisites are met before you configure the OAC security.
  • WebSphere® Application Server application security needs to be enabled.
  • The FTM OAC EAR must be installed and correctly configured, pending security configuration.

Configuring the OAC when security is enabled

The OAC can operate with its security enabled or not; that is, WebSphere Application Server application security enabled or disabled. The following topics describe how to configure the OAC to work with application security enabled and provide user groups with various levels of access to the resources or views within the OAC. They explain how the FTM database needs to be configured to enforce fine-grained authorization along with WebSphere Application Server application security and authentication.