IBM BS029ML - WebSphere Portal Server Self Help Manual page 128

<authDataEntries xmi:id="JAASAuthData_1174051597218" alias="wp6vm_c/samples" userId="samples"
password="{xor}LG4+Mi8zOiw=" description="JAAS Alias for WebSphere Samples"/>
<authDataEntries xmi:id="JAASAuthData_1174052349281" alias="wpdbDSJAASAuth" userId="db2admin"
password="{xor}DTovMz48Ogg2KzcGMCotGz0eOzI2MQ8oOw==" description="JAAS Alias for DataSource
wpdbDS"/>
<authDataEntries xmi:id="JAASAuthData_1174052419453" alias="designerDSJAASAuth"
userId="db2admin" password="{xor}DTovMz48Ogg2KzcGMCotGz0eOzI2MQ8oOw==" description="JAAS Alias
for DataSource designerDS"/>
<authDataEntries xmi:id="JAASAuthData_1174052423750" alias="syncDSJAASAuth" userId="db2admin"
password="{xor}DTovMz48Ogg2KzcGMCotGz0eOzI2MQ8oOw==" description="JAAS Alias for DataSource
syncDS"/>
...
</security:Security
The applicationLoginConfig entries define the JAAS login modules, and the Portal_LTPA
mentioned in 4.1.5, "WebSphere Portal login process" on page 91 is one of the entries. When
you extend the Portal login process, the Portal_Login module will contain the Java class
name.
The repertoire entries contain SSL repertoires defined for Secure Socket Layer
communication. If you customize the key and trust files, the file names and paths must be
replaced here.
The authDataEntries specify the J2A authentication aliases for accessing the datasources
defined in JDBC providers at runtime.
admin-authz.xml
This file is in the same directory as security.xml. It contains the users and groups for the
administrative console administration. Example 4-6 shows the content of a sample.
Example 4-6 Sample admin-authz.xml
<?xml version="1.0" encoding="UTF-8"?>
<rolebasedauthz:AuthorizationTableExt xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI"
xmlns:rolebasedauthz="http://www.ibm.com/websphere/appserver/schemas/5.0/rolebasedauthz.xmi"
xmi:id="AuthorizationTableExt_1" context="domain">
<authorizations xmi:id="RoleAssignmentExt_1" role="SecurityRoleExt_1">
<users xmi:id="UserExt_1109285497219" name="cn=wpsbind,ou=people,ou=dept,o=acme.com"/>
<users xmi:id="UserExt_1142530744703" name="cn=wpsadmin,ou=people,ou=dept,o=acme.com"/>
<specialSubjects xmi:type="rolebasedauthz:ServerExt" xmi:id="ServerExt_1"/>
</authorizations>
<authorizations xmi:id="RoleAssignmentExt_2" role="SecurityRoleExt_2"/>
<authorizations xmi:id="RoleAssignmentExt_3" role="SecurityRoleExt_3"/>
<authorizations xmi:id="RoleAssignmentExt_4" role="SecurityRoleExt_4">
<users xmi:id="UserExt_1157057598297" name="cn=asdf,ou=people,ou=dept,o=acme.com"/>
</authorizations>
<roles xmi:id="SecurityRoleExt_1" roleName="administrator"/>
<roles xmi:id="SecurityRoleExt_2" roleName="operator"/>
<roles xmi:id="SecurityRoleExt_3" roleName="configurator"/>
<roles xmi:id="SecurityRoleExt_4" roleName="monitor"/>
</rolebasedauthz:AuthorizationTableExt>
You can see that two users, wpsbind and wpsadmin, were assigned the Administrator role
and the Monitor role.
114
IBM WebSphere Portal V6 Self Help Guide