0

How to set up basic authentication in WebSphere 8.5 console?

I've set up BASIC authentication on Tomcat.

My WEB.XML looks like this -

<security-constraint>
    <web-resource-collection>
        <web-resource-name>My Manager</web-resource-name>
        <url-pattern>/rest/LoginToPropManager</url-pattern>
        <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description>Let only Administrator login</description>
        <role-name>propertymanageradmin</role-name>
    </auth-constraint>
</security-constraint>

<security-role>
   <role-name>propertymanageradmin</role-name>
</security-role>

<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Admin</realm-name>
</login-config>

In Tomcat, I've the following configuration -

<role rolename="propertymanageradmin"/>
<user username="admin1234" password="XXXX" roles="propertymanageradmin"/>

I am now trying to set this up on WebSphere 8.5 and it is too confusing with a lot of screens. I do not find good articles on this. Can anyone please help?

user3549439
  • Possible Duplicate? [How do I get basic authentication working on WebSphere?](http://stackoverflow.com/questions/6306997/how-do-i-get-basic-authentication-working-on-websphere) – Izzy Sep 10 '14 at 16:07
  • Following the steps from Izzy's comment - 5. Click the Security role to user/group mapping. 6. Select the roles you wish to use for authentication. 7. Click look up users or look up groups. 8. Click search and select users (that are set up in your WebSphere under the Users and Groups menu). I'm having issues with step 8. When I go to the manage users link, it won't let me set up any users and asks to enable administrative security. Why would I set up administrative security when I need only application security? – user3549439 Sep 10 '14 at 16:25

1 Answer

1

To enable application security, administrative security must be enabled. This is by design. You can have administrative security without application security, but not the other way around.

By default, WAS has administrative security enabled when installed (unless you've changed that). The most basic configuration will use a federated repository with a file registry configured. You will be able to add users and groups via the console, and then map your defined users to roles as you described in the comments.

In most production environments there is an LDAP registry included in the federated repository; in that case you don't add users, as they are taken from LDAP.

For some more info on security, check the WebSphere Application Server V7.0 Security Guide redbook (it's for v7, but most of the information applies to v8.x also; some screens might be a bit different).

Gas