Websphere Application Server中使用的安全属性“服务器用户身份"是什么? [英] What is security property 'Server user identity' used for in Websphere Application Server?
问题描述
为Websphere Application Server配置全局安全性时,无论您选择联合存储库,LDAP注册表还是自定义注册表,都将设置一个名为服务器用户身份"的属性.根据官方解释,这用于服务器到服务器通信期间的身份验证.这是否意味着当服务器在一个单元中彼此通信时,需要进行身份验证,并且将在此使用该值?并且此值是否仅影响内部过程,就像在同一单元格内一样?或者也可以在单元格之间?如果没有以这种方式利用它,那么服务器用户身份"如何工作?
When configuring the global security for Websphere Application Server, no matter you choose Federated Repositories, LDAP registry or custom registry, there is a property named 'Server user identity' to be setup. According to the official explanation, this is used for authentication during server to server communication. Does it mean when server communicating with each other within one cell, authentication is required and this value would be used there? And does this value only impact internal process, like within same cell? Or it can also be between cells? If it's not leveraged like this way, then how does 'Server user identity' work?
Kinda不明白这一点.请帮我弄清楚.预先感谢
Kinda don't understand this. Please help me figure it out. Thanks in advance
推荐答案
在WAS 6之前,管理访问和内部流程通信都需要单个用户身份,即主要管理用户".根据定义,该用户必须存在于配置的用户注册表中.
Until WAS 6, a single user identity was required, namely 'primary administrative user', for both administrative access and internal process communication . This user, by definition, had to exist on the configured user registry.
从6.1版开始,WAS需要一个管理用户(不同于服务器用户身份),以便可以分别审核管理操作.
From version 6.1 onwards, WAS requires an administrative user, distinguished from the server user identity, so that administrative actions can be audited separately.
出于所有实际目的,如果您使用的是6.1+版,并且您不在混合发布单元中(该单元包含WAS的较早版本以及当前版本的配置文件),则可以继续自动生成内部用户ID.内部生成的服务器ID还为服务器环境添加了更高级别的保护,因为未公开服务器密码.
For all practical purposes, if you are using version 6.1+, and you are not in a mixed-release cell (cell containing profiles of older versions of WAS in addition to current versions), you may just go ahead with automatically generated internal user id. An internally-generated server ID also adds a further level of protection to the server environment because the server password is not exposed.
For mixed-release cells you may check infocenter here for details on how to configure server user id in this case.
服务器用户ID用于单元中服务器到服务器的通信.我找不到任何文件暗示此参数也与跨单元通信有关.
Server user id is used for server to server communication in a cell. I could not find any documentation that implies this parameter is also related with cross cell communication.
这篇关于Websphere Application Server中使用的安全属性“服务器用户身份"是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
