Copyright IBM Corporation 2005. All rights reserved. Active user regist Local os(single, stand-alone server x and root adm ninistrator only)- Use the Federal Information Processing Standard (FIPS)] 2)Click the link for Local Os General Properties User registries Enable global security ity Local os Enforce fine-grained JCA security Authentication I Use domain-qualified user IDs 田 Authentication v Issue permission warning H JAAS C. The Workspace area has General Properties that enable you to specify a Server user ID and server user password 1)Enter a valid Operating System User ID and Password a)Server user ID wsdemo b)Server user password wsdemo1 General Properties Additional Propertie 幸 Server user ID medemo a Custom properties i Server user password ****** Apply ok Reset Cancel 2)Click the Apply button 3)Click the OK button a) The main Global Security Workspace area is displayed Lab 05-Security
© Copyright IBM Corporation 2005. All rights reserved. Lab 05 - Security Page 6 of 36 2) Click the link for Local OS. __ c. The Workspace area has General Properties that enable you to specify a Server user ID and Server user password. 1) Enter a valid Operating System User ID and Password: a) Server user ID: wsdemo b) Server user password: wsdemo1 2) Click the Apply button. 3) Click the OK button. a) The main Global Security Workspace area is displayed
WebSphere software- Copyright IBM Corporation 2005. All rights reserved. 4)Click to expand Authentication mechanisms er registries 厂 Enforce Java 2 security LDAp Local os Enforce fine-grained JCA security Use domain-qualified user IDs 团 Authentication ** Cache timeout mechanisms 团 Authentication v Issue permission warning 日JAAs Active protocol Configuration 5)Click the link for LTPA a)You will be using LTPa as the authentication mechanism b) The Workspace area has information for you to generate the ltPa keys 6)Specify properties for Password and Confirm password For convention, specify: a)Password wsdemo1 b)Confirm password: wsdemo1 Generate Keys Import keys Export Keys Additional Proper 米* a Single signon(sso) n Trust association t Confirm password 120 Key file name Apply oK ResetCancel 7) Click the Apply button 8)Click OK. Proof of Technology Lab 05-Security Product Introduction+ Exploration(PI+E Page 7 of 36
© Copyright IBM Corporation 2005. All rights reserved. Proof of Technology Lab 05 – Security Product Introduction + Exploration (PI+E) Page 7 of 36 4) Click to expand Authentication mechanisms. 5) Click the link for LTPA. a) You will be using LTPA as the Authentication mechanism. b) The Workspace area has information for you to generate the LTPA keys. 6) Specify properties for Password and Confirm password. For convention, specify: a) Password: wsdemo1 b) Confirm password: wsdemo1 7) Click the Apply button. 8) Click OK
Copyright IBM Corporation 2005. All rights reserved. a)This action will return you to the main Global Security Workspace area d. Click the checkbox for Enable global security 1)This action will enable the checkbox for Enforce Java 2 security as well 厂 Authentication 厂 团 Authentication 2) Click the Apply butte 日M B Th eed to be restarted for these changes to take effect. 4)Check Synchronize changes with Nodes, and then click Save
© Copyright IBM Corporation 2005. All rights reserved. Lab 05 - Security Page 8 of 36 a) This action will return you to the main Global Security Workspace area. __ d. Click the checkbox for Enable global security. 1) This action will enable the checkbox for Enforce Java 2 security as well. 2) Click the Apply button. 3) Click Save. 4) Check Synchronize changes with Nodes, and then click Save
Copyright IBM Corporation 2005. All rights reserved. Global security> Save Save your workspace changes to the master configuration click Save to update the master repository with your changes, Click Discard to discard your changes and begin work again using the master repository configuration, clic cel to contin E] Total changed documents: 1 y Synchronize changes with Nodes Cancel Global Security has been enabled with LTPA as the authentication mechanism Part 3: Define administrative users and roles In this part, you will create several security accounts(User Ids and Passwords), then grant access to the administrative console for users. Each user will have a different set of privileges for performing administrative activities 1. Create four user accounts a Access a Windows command prompt. Issue the net user command to create four accounts (e.g, User IDs and passwords) for testing 1)Create the admin account with user id admin and Password Note: The asterisk(*)will cause Windows to prompt you for the password and for you to retype the password to confirm a)Enter: net user admin*ladd b)Enter: password c)Er Proof of Technology Lab 05-Security Product Introduction+ Exploration(PI+E Page 9 of 36
© Copyright IBM Corporation 2005. All rights reserved. Proof of Technology Lab 05 – Security Product Introduction + Exploration (PI+E) Page 9 of 36 Global Security has been enabled with LTPA as the authentication mechanism. Part 3: Define Administrative Users and Roles In this part, you will create several security accounts (User Ids and Passwords), then grant access to the administrative console for users. Each user will have a different set of privileges for performing administrative activities. ____ 1. Create four user accounts. __ a. Access a Windows command prompt. Issue the net user command to create four accounts (e.g., User IDs and passwords) for testing. 1) Create the admin account with user ID admin and Password: Note: The asterisk (*) will cause Windows to prompt you for the password and for you to retype the password to confirm. a) Enter: net user admin * /add b) Enter: password c) Enter: password
Copyright IBM Corporation 2005. All rights reserved. A Command Prompl C:\>net user admin */add password to confirm The command completed successfully 2)Create the config account with user ID config and Password a)Enter: net user config *ladd b)Enter: password c)Enter: password 3)Create the operator account with user Id operator and Password a)Enter: net user operator *ladd b)Enter: password c)Enter: password 4) Create the monitor account with user ID monitor and Password a)Enter: net user monitor * ladd b)Enter: password c)Enter: password 2. Access the System Administration Workarea for Console Users a Access the Administrative Console, Navigation tree and click to expand the [ System Administration tasks ab 05 -Security
© Copyright IBM Corporation 2005. All rights reserved. Lab 05 - Security Page 10 of 36 2) Create the config account with user ID config and Password *: a) Enter: net user config * /add b) Enter: password c) Enter: password 3) Create the operator account with user ID operator and Password *: a) Enter: net user operator * /add b) Enter: password c) Enter: password 4) Create the monitor account with user ID monitor and Password *: a) Enter: net user monitor * /add b) Enter: password c) Enter: password ____ 2. Access the System Administration Workarea for Console Users. __ a. Access the Administrative Console, Navigation tree and click to expand the [+] System Administration tasks