Securing a service

How to enable security on a service?

Steps

  1. If you want to use Username Token related security scenarios you must create user groups who are authorized to access the service. User groups can be created from the system-default user store or an external storage. For more details on creating user groups click here
  2. If you want to provide X509 related security scenarios, add the trusted certificates to the system. For more details click here
  3. Go to the "Service Information" page of the particular service.
  4. Click on "Security" link under "Service Management" page.
  5. Select "Enable Security" as yes. This will show you a list of available security scenarios.
  6. Select the scenario and click on Next. Follow the steps

How to disable a security of a service?

Steps

  1. Go to the "Service Information" page of the particular service.
  2. Click on "Security" link under "Service Management" page.
  3. Select "Enable Security" as No. This will disable security.

Security Management

Security Management UI

User Management

Users can be added to the system default user store using the UI. Users can be deleted and their passwords can be changed.

Security Management UI

User Store Management

The application server can connect to external LDAP servers and JDBC user stores. When creating a connection to external user stores all connection properties must be specified

Security Management UI

User Group Management

User groups can be created from external and system-default user stores. A user group can have users from a single user store only. Later on it can be edited to add/remove users.

Security Management UI

Key Store Management

Key stores can be uploaded to the server.

Security Management UI

You also have the option of uploading the trusted certificates to an existing keystore.

Security Management UI