Configuring security for InfoSphere MDM Reference Data Management Client

You use the administrative console to configure the security settings that are used by InfoSphere® MDM Reference Data Management Hub.

Before you begin

Start the administrative console and log in.


  1. In the Authentication section, select LTPA.
  2. Go to Web and SIP Security > General Settings.
  3. Select Authenticate only when the URI is protected and Use available authentication data when an unprotected URI is accessed.
  4. Select Default to basic authentication.
  5. Click OK.
  6. Go to Global security > Web and SIP security > Single sign-on (SSO).
  7. Enable the following options. Leave the other options disabled.
    • Enabled
    • Web inbound security attribute propagation
  8. Click Apply.
  9. In the Global security Messages section, click Save.
  10. Important: To ensure correct session invalidation when users log out, implement the following configuration.
    1. In the administrative console, go to Security > Global Security.
    2. Click Custom properties. The Custom properties page opens.
    3. Click New.
    4. In the Name field, type
    5. In the Value field, type true
      Image depicting the name and value to be entered on the custom properties page.
    6. Click Apply.
  11. Important: To set session cookies with the HttpOnly attribute, implement the following configuration.
    1. While still on the Custom properties page, click New.
    2. In the Name field, type
    3. In the Value field, type *.
    4. Click OK.
  12. Important: To restrict session cookies to HTTPS sessions, implement the following configuration.
    1. Go to Application servers > <servername> > Web container > Session management.
    2. Click Enable cookies.
    3. Enable Restrict cookies to HTTPS.
    4. Click Apply.
  13. Important: To ensure proper session creation and invalidation, implement the following configuration.
    1. Go to Application servers > <servername> > Session management > Custom properties.
    2. Click New.
    3. In the Name field, type: InvalidateOnUnauthorizedSessionRequestException
    4. In the Value field, type: true
  14. Stop and restart the IBM® WebSphere® Application Server.

What to do next

Create the groups. See Creating groups in the WebSphere Application Server repository.