UDDI registry security additional considerations

In addition to the configuration of UDDI registry security, a number of other UDDI registry settings can affect the behavior of the UDDI registry. Some of these settings are security specific and others are points to consider when configuring security.

Security specific considerations

UDDI registry interfaces are protected as detailed in Access control for UDDI registry interfaces.

The UDDI registry supports the use of XML Digital Signatures to sign UDDI entities. See Use of digital signatures with the UDDI registry.

Additional policy considerations

A number of the UDDI property and policy settings also determine the behavior of a UDDI registry with respect to security. To review or change the following property settings, click UDDI > UDDI Nodes > uddi_node_name. The settings are also detailed in the administrative console help.

Key space requests require digital signature

This setting determines whether all tModel:keyGenerator requests for key space must be digitally signed. To understand key space, see UDDI registry V3 Entity Keys.

Use authInfo credentials if provided

This setting applies only when WebSphere Application Server security is disabled. See Configuring UDDI Security with WebSphere Application Server security disabled.

Authentication token expiry period

The authentication token expiry period is the length of idle time (in minutes) allowed before an authentication token is no longer valid.

Default user name

The default user name is used for publish operations when WebSphere Application Server security is disabled and no authentication token data is supplied.

Authorization for inquiry

Specifies whether authorization using authentication tokens is required for inquiry API requests.

Authorization for publish

Specifies whether authorization using authentication tokens is required for publish API requests.

Authorization for custody transfer

Specifies whether authorization using authentication tokens is required for custody transfer API requests.

Other considerations

The publish related actions that a registered UDDI publisher can perform are defined by their entitlements, as described in UDDI registry user entitlements.

In addition to the property and policy settings already described, some UDDI keying and user policy settings also influence publish behavior. These settings are not specific to security, but you should consider them because they also place restrictions on successful completion of publish requests. To review or change the following property settings, click UDDI > UDDI Nodes > uddi_node_name. The settings are also detailed in the administrative console help

Automatically register UDDI publishers

The UDDI registry requires that publisher entitlements are set before allowing any publish requests. This option automatically registers users with default entitlements.

If this option is not selected, users (and their entitlements) can be registered. See UDDI Publisher settings.

Use tier limits

If selected, tier limits are enforced.

If this option is selected, you need one or more tiers configured (see Tier collection and UDDI Tier settings). Also, ensure that registered UDDI Publishers are assigned to a tier (see UDDI Publisher settings).

Registry key generation

If this option is selected, publishers can request key space and, if successful, publish with publisher assigned keys.

Sub-topics

Related concepts

Related tasks