Enabling user security for the operational server
User security for the operational server is disabled by default for both the Standard Edition and the Advanced Edition of InfoSphere® MDM. You can enable it by changing the /IBM/DWLCommonServices/Security/enabled setting.
About this task
Changing the parameter value turns on the InfoSphere MDM Security Service, which allows InfoSphere MDM to take advantage of the authorization and authentication capabilities that are available within the application server. You can use the IBM® WebSphere® Application Server administrative console to create and populate user groups, and associate the groups with particular capabilities.
Behind the scenes, the administrative console uses the application server's embedded LDAP functionality -- or the application server's capability to refer to an external LDAP repository. For additional information, navigate to the link about managing user groups and transactions at the end of this topic.
User groups are collections of users who perform similar tasks within an organization and who require common permissions to carry out those tasks. Certain user groups were created automatically when you installed InfoSphere MDM. For a list of those user groups, navigate to the link about user accounts and MDM groups at the end of this topic.
If security is enabled, client applications must authenticate to the operational server. As you develop applications, you can specify the requestor name and user groups within the XML-based message that's passed to the application server's request-response system. The operational server validates the permissions against the user groups.
Procedure
- Open the Configuration and Management components interface.
- Find the setting /IBM/DWLCommonServices/Security/enabled.
- Change the value from false to true.
- Close the Configuration and Management interface.