Modifying the configuration file settings

The operation of the WebSEAL server is controlled by using the WebSEAL configuration file and a corresponding obfuscated file that is used for sensitive data. Use the local management interface to modify the configuration file.

About this task

For details on the stanza entries that you can use in the WebSEAL configuration file, see the Web Reverse Proxy Stanza Reference topics in the IBM® Knowledge Center.

Configuration file organization
The configuration file contains sections that control specific portions of WebSEAL. Each section contains further divisions that are called stanzas.

Stanza labels appear in brackets.

[stanza_name]

For example, the [ssl] stanza defines the SSL configuration settings for use by the WebSEAL server.

Each stanza in a Security Access Manager configuration file contains one or more stanza entries. A stanza entry consists of a key value pair, which contains information that is expressed as a paired set of stanza entries. Each stanza entry has the following format:

key = value

The initial installation of WebSEAL establishes many of the default values. Some values are static and never change; other values can be modified to customize server function and performance.

The ASCII-based text file can be edited with a common text editor.

Configuration file name and location
A unique WebSEAL configuration file is created for each WebSEAL instance. The name of the configuration file includes the instance name.
 webseald-instance_name.conf

The administrator can use the local management interface to configure more WebSEAL instances and specify each new instance_name.

The configuration utility uses the specified instance_name to name the new WebSEAL configuration file. For example, if you name the new WebSEAL instance webseal2, the following configuration file is created:

 webseald-webseal2.conf

For more information about WebSEAL instance configuration, see WebSEAL instance deployment.

Procedure

  1. Log in to the local management interface.
  2. Select Secure Web Settings > Manage > Reverse Proxy.
  3. Select the appropriate WebSEAL instance.
  4. Select Manage > Configuration > Edit Configuration File.
    Note: To complete basic configuration file updates, select the WebSEAL instance and click Edit.
  5. Make the required changes to the configuration.
  6. Save your changes. The local management interface displays a warning message that states about an undeployed change.
  7. Click Click here to review the changes or apply them to the system. Review the change and click Deploy. A System Warning displays to indicate that the deployment is complete and a restart is required.
  8. Restart the WebSEAL instance from the Reverse Proxy Management page for these changes to take effect.
Parent topic: Web server configuration
Related concepts:
Content caching
Communication protocol configuration
IPv4 and IPv6 overview
IPv6: Compatibility support
IP levels for credential attributes
LDAP directory server configuration
WebSEAL worker thread configuration
WebSEAL worker threads
Global allocation of worker threads for junctions
Per-junction allocation of worker threads for junctions
HTTP data compression
WebSEAL data handling by using UTF-8
UTF-8 dependency on user registry configuration
UTF-8 data conversion issues
UTF-8 impact on authentication
UTF-8 impact on authorization (dynamic URL)
Encoding type usage
UTF-8 support for uniform resource locators
UTF-8 support in POST body information (forms)
UTF-8 support in query strings
UTF-8 encoding of tokens for cross domain single signon
UTF-8 encoding of tokens for e-community single signon
UTF-8 encoding of cookies for failover authentication
UTF-8 encoding of cookies for LTPA authentication
UTF-8 encoding in junction requests
Validation of character encoding in request data
Setting system environment variables
Related tasks:
Specifying the WebSEAL host name
Configuring WebSEAL for IPv6 and IPv4 requests
Related reference:
IPv6: Upgrade notes
Allocation view of worker threads for junctions
Supported wildcard pattern matching characters