Try OpenEdge Now
skip to main content
Administration
Web Services Adapter Administration : Web Services Adapter Security Configurations : Initial settings
 

Initial settings

Java container security is initially set in OpenEdge-Install-Directory/servlets/wsa/web.xml as shown in the following table.
Table 27. Initial settings for Java container security
Security feature
Status
web.xml setting
Mandatory authentication and authorization for users of Web service applications
Disabled
The security-context for Web service applications, wsa-root-url, is commented out.
Mandatory authentication and authorization for users of WSDL files
Disabled
The security-context for WSDL file access, wsa-root-url/wsdl, is commented out.
Mandatory authentication and authorization for WSA administration users with either the PSCAdmin or PSCOper role
Enabled
The security-context for administration access, wsa-root-url/admin, is not commented out.
WSA security is initially set in ubroker.properties, as shown in the following table.
Table 28. Initial settings for WSA security
Security feature
Status
ubroker.properties setting
Access to administration operations
Enabled
adminEnabled=1
Access to Web service applications
Disabled
webAppEnabled=0
Note: Before any web service request can be accepted, this property must be set on (1).
Access to WSDL files
Disabled
enableWsdl=0
enableWsdlListings=0
Mandatory authentication and authorization of users with an administrator role
Enabled
adminAuth=1
Mandatory authentication and authorization of users of Web service applications
Disabled
appAuth=0
Definition of administrator roles
PSCAdmin, PSCOper
adminRoles=PSCAdmin,
           PSCOper
Note: A developer might develop and test a Web service using a nonsecure WSA, then (if necessary) either deploy it to a secure WSA or secure the test WSA.