The Security page in the Admin Console enables you to set a variety of system-wide security settings.
Expand the Configuration node.
Select the Security node.
The Security page displays.
Modify the values as necessary.
The general security options are discussed in the following table.
Setting | Description |
---|---|
Security Manager | Select the Enable checkbox to turn on the security manager for the domain. When enabled, a JVM option, -Djava.security.manager, will be added to the JVM setting of the Application Server. See To configure the JVM Options. You must restart the server to enable this change. Ensure that you have granted correct permissions for all applications. You can turn off the security manger to enhance performance. |
Audit Logging | Select to enable audit logging. If enabled, the server will load and run all the audit modules specified in the Audit Modules setting. If disabled, the server does not access audit modules. Disabled by default. |
Default Realm | The active (default) realm the server uses for authentication. Applications use this realm unless they specify a different realm in their deployment descriptor. All configured realms appear in the list. The initial default realm is the file realm. |
Anonymous Role | The name for the default or anonymous role. The anonymous role is assigned to all users. Applications can use this role in their deployment descriptors to grant authorization to anyone. |
Default Principal | Specifies the default user name. The server uses this when no principal is provided. If you enter a value in this field, enter a corresponding value in the Default Principal Password field. This attribute is not required for normal server operation. |
Default Principal Password | Password of the default principal specified in the Default Principal field. This attribute is not required for normal server operation. |
JACC | Class name of a configured JACC provider. See To create a JACC provider |
Audit Modules | List of audit module provider classes, delimited by commas. A module listed here must already be configured. If Audit Logging is enabled, this setting must list audit modules. By default, the server uses an audit module named default. For information on creating new audit modules, see To create an audit module. |
Default Principal To Role Mapping | Check to apply a default principal-to-role mapping to applications that do not have an application-specific mapping. |
Mapped Principal Classes | Customize the java.security.Principal implementation class used in the default principal-to-role mapping. |
Enter additional properties to pass to the Java Virtual Machine (JVM) in the Additional Properties section.
Valid properties are dependent upon the type of realm selected in the Default Realm field. Valid properties are discussed in the following sections:
Select Save to save the changes or Load Defaults to restore the default values.