Use this page to configure the standalone custom registry. To view this administrative console page, complete the following steps:
After the properties are set in this panel, click Apply. Under Additional Properties, click Custom properties to include additional properties that the custom user registry requires.
Note: Custom properties might include information such as specifying lists of users or groups.
When security is enabled and any of these custom user registry settings change, go to the Secure administration, applications, and infrastructure panel and click Apply to validate the changes.
WebSphere Application Server V6.1 distinguishes between the user identities for administrators who manage the environment and server identities for authenticating server to server communications. In most cases, server identities are automatically generated and are not stored in a repository.
Specifies the name of a user with administrative privileges that is defined in your custom user registry. The user name is used to log onto the administrative console when administrative security is enabled. V6.1 requires an administrative user that is distinct from the server user identity so that administrative actions can be audited. Attention: In WebSphere Application Server, Versions 5.x and 6.0.x, a single user identity is required for both administrative access and internal process communication. When migrating to V6.1, this identity is used as the server user identity. You need to specify another user for the administrative user identity.
Enables the application server to generate the server identity, which is recommended for environments that contain only V6.1 or later nodes. Automatically generated server identities are not stored in a user repository.
You can change this server identity on the Authentication mechanisms and expiration panel. To access the Authentication mechanisms and expiration panel, click Security > Secure administration, applications, and infrastructure > Authentication mechanisms and expiration. Change the value of the Internal server ID field.
| Default: | Disabled |
Specifies a user identity in the repository that is used for internal process communication. Cells that contain V5.x or 6.0.x nodes require a server user identity that is defined in the active user repository.
| Default: | Enabled |
Specifies a dot-separated class name that implements the com.ibm.websphere.security.UserRegistry interface.
Put the custom registry class name in the class path. A suggested location is the following directory.
| Data type: | String |
| Default: | com.ibm.websphere.security.FileRegistrySample |
Indicates that a case-insensitive authorization check is performed when you use the default authorization.
| Default: | Disabled |
| Range: | Enabled or Disabled |