Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Set up, enabling and migrating security > Enable security

Test security after enabling it

Basic tests are available that show whether the fundamental security components are working properly. Use this task to validate the security configuration.

After configuring administrative security and restarting all of your servers in a secure mode, validate that security is properly enabled.

There are a few techniques that you can use to test the various security login types. For example, you can test the Web-based BasicAuth login, Web-based form login, and the Java client BasicAuth login.

Basic tests are available that show whether the fundamental security components are working properly. Complete the following steps to validate the security configuration:

Procedure

1. After enabling security, verify that the system comes up in secure mode.

2. Test the Web-based BasicAuth with Snoop, by accessing the following URL: http://hostname.domain:9080/snoop.

   A login panel is displayed. If a login panel does not display, then a problem exists. If the panel appears, type in any valid user ID and password in your configured user registry.

   The Snoop servlet is only available in the domain if you included the DefaultApplication option when adding the application server to the cell. The -includeapps option for the addNode command migrates the DefaultApplication option to the cell. Otherwise, skip this step.

3. Test the Web-based form login by starting the admin console: http://hostname.domain:port_number/ibm/console.

   A form-based login page is displayed. If a login page does not appear, try accessing the admin console

   Type in the administrative user ID and password that are used for configuring your user registry when configuring security.

4. Test Java Client BasicAuth with...
   WAS_HOME/bin/dumpNameSpace.sh

   A login panel appears. If a login panel does not appear, there is a problem. Type in any valid user ID and password in your configured user registry.

5. Test all of the applications in secure mode.

6. If all the tests pass, proceed with more rigorous testing of your secured applications. If we have any problems, review the SYSOUT and SYSPRINT logs. For more information on common problems, see Troubleshoot security configurations.

Web component security
Administrative roles and naming service authorization
Secure enterprise bean applications
Security: Resources for learning

+

Search Tips   |   Advanced Search