Release 10.1A: OpenEdge Application Server:
Administration

Initial settings

JSE security is initially set in OpenEdge-Install-Directory/servlets/wsa/web.xml as shown in Table 7–1.

Table 7–1: Initial settings for JSE security 
Security feature
Status
web.xml setting
Mandatory authentication and authorization for users of Web service applications.
Disabled
The security-context for Web service applications, wsa-root-url, is commented out.
Mandatory authentication and authorization for users of WSDL files.
Disabled
The security-context for WSDL file access, wsa-root-url/wsdl, is commented out.
Mandatory authentication and authorization for WSA administration users with either the PSCAdmin or PSCOper role.
Enabled
The security-context for administration access, wsa-root-url/admin, is not commented out.

WSA security is initially set in ubroker.properties, as shown in Table 7–2.

Table 7–2: Initial settings for WSA security
Security feature
Status
ubroker.properties setting
Access to administration operations.
Enabled 
adminEnabled=1
Access to Web service applications.
Disabled 
webAppEnabled=0

Note: Before any web service request can be accepted, this property must be set on (1).

Access to WSDL files.
Disabled 
enableWsdl=0 
enableWsdlListings=0
Mandatory authentication and authorization of users with an administrator role.
Enabled 
adminAuth=1
Mandatory authentication and authorization of users of Web service applications.
Disabled 
appAuth=0
Definition of administrator roles.
PSCAdmin, PSCOper 
adminRoles=PSCAdmin,
           PSCOper

Note: A developer might develop and test a Web service using a nonsecure WSA, then (if necessary) deploy it to a secure WSA or secure the test WSA.

Copyright © 2005 Progress Software Corporation
 www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095