Enabling WebSphere administrative security

Before you begin

When the CCRC WAN server is first installed, its administration URLs are accessible to anyone who has web access to the server machine (http://ccrc-wan-server/ccrc/admin/*). It is important to secure access to these URLs to prevent unauthorized users from seeing sensitive session and configuration information.

About this task

Perform the following steps to enable WebSphere administrative security. Both administrative and application security must be enabled.

Procedure

  1. In a browser, connect to: http://server:port/ibm/console where port is the "Administrative console port" in /profile_root_directory/logs/AboutThisProfile.txt.
  2. Navigate to Security > Global security.
  3. Select Enable administrative security.
  4. Ensure that Use Java 2 security is not selected.
  5. Click Security Configuration Wizard.
  6. Click Next.
  7. Choose an authentication repository other than Federated.
  8. Specify the administrator credentials.
  9. Click Next.
  10. Review the summary of your selections and click Finish.
  11. Restart the profile.
    Note: You must log in with the credentials of the administrator to run the start and stop scripts (on UNIX and Linux systems, startServer.sh and stopServer.sh; on Windows, startServer.bat and stopServer.bat) and to log in to the WAS console.