Troubleshooting
Problem
If you have not enabled Application Server security how can you secure the inbound Web Services and HTTP Servelets.
Cause
Normally Web Services and HTTP Servelets are secured using the MEAWEB Web.xml descriptor to map the maximousers security role in the Application Server to each service. If you are using native security this role has no function as authentication is done at the database level
Resolving The Problem
You can secure these services at the EJB level. Open the file:
<maximo_root>\applications\maximo\mboejb\ejbmodule\META-INF\ejb-jar.xml
You will each service has a section where the security can be configured e.g:
<session id="Session_enterpriseservice">
<ejb-name>enterpriseservice</ejb-name>
<home>psdi.iface.gateway.MEAGatewayHome</home>
<remote>psdi.iface.gateway.MEAGateway</remote>
<local-home>psdi.iface.gateway.MEAGatewayHomeLocal</local-home>
<local>psdi.iface.gateway.MEAGatewayLocal</local>
<ejb-class>psdi.iface.gateway.MEAGatewayBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<env-entry>
<env-entry-name>ALLOWDFLTLOGIN</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>1</env-entry-value>
</env-entry>
<security-role-ref>
<description>
MAXIMO Application Users
</description>
<role-name>maximouser</role-name>
<role-link>maximouser</role-link>
</security-role-ref>
</session>
For each service defined set the ALLOWDFLTLOGIN to 0 like so:
<env-entry>
<env-entry-name>ALLOWDFLTLOGIN</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>0</env-entry-value>
</env-entry>
Then rebuild and redeploy the Maximo.ear file.
When you send in a transaction now you must specify an HTTP Header MAXAUTH with a value of username:password encoded as a Base64 string, where username:password is a valid Maximo user.
[{"Product":{"code":"SSLKT6","label":"IBM Maximo Asset Management"},"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Component":"MEA: Generic","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.1;7.1.1;7.5;7.6","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}},{"Product":{"code":"SSLKTY","label":"Maximo Asset Management for IT"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"7.1.1;7.2.1;7.5","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}},{"Product":{"code":"SSKTXT","label":"Tivoli Change and Configuration Management Database"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"7.1.1;7.2.1;7.2.2;7.5","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}},{"Product":{"code":"SS6HJK","label":"Tivoli Service Request Manager"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"7.1;7.2;7.2.1;7.5","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}},{"Product":{"code":"SSWT9A","label":"IBM Control Desk"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg21575076