How to get basic authentication working in WebSphere?

Question

How to get basic authentication working in WebSphere?

Ok, so I used the Java / Jersey web service on Tomcat with basic authentication, which works fine. I have permissions set in the web.xml file of my project and the users are configured in tomcat-users.xml on the server. It works great. The problem is that now I need to port this project to WebSphere, which has nothing to do with implementing basic authentication.

I saw this question: Websphere 6.1 and BASIC Authentication and reviewed Chapter 7 of this pdf as suggested, but I can’t find the correct settings (I don’t have the option labeled “enable global security” like most methods) and I try to run my project, while the pdf file is extremely project specific.

So, to clearly ask my question, what is the easiest way to enable basic authentication in WebSphere 6.1?

+5

java web-services websphere basic-authentication websphere-6.1

ZKSteffel Jun 10 '11 at 13:27

source share

2 answers

http-. , , JEFF. , . http-, https://www.aspectsecurity.com/research/aspsec_presentations/download-bypassing-web-authentication-and-authorization-with-http-verb-tampering/

+3

Jeff Williams 01 . '12 14:57

Gurnard · Accepted Answer · 2011-06-10T13:45:18+0000

After writing all this below, I remember that I wrote about it for myself here:

WebSphere 6.1 and Application Authentication

, web.xml :

     <security-role>
    <role-name>myrole</role-name>
  </security-role>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>mySec</web-resource-name>
      <url-pattern>/yourUrl</url-pattern>
      <http-method>DELETE</http-method>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      <http-method>PUT</http-method>
      <http-method>HEAD</http-method>
      <http-method>TRACE</http-method>
      <http-method>OPTIONS</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>myrole</role-name>
    </auth-constraint>
    <user-data-constraint>
      <description>SSL or MSSL not required</description>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>my login</realm-name>
  </login-config>

, , , :

http://localhost:9060/ibm/console

( )

,
"", .

. websphere.

>
" " ""

, web.xml .
.
,
.
( - " "
/ .
"" .
.

( Websphere).

WebSphere , .

How to get basic authentication working in WebSphere?

More articles: