Show Table of Contents
3.2. Modify Security Settings
Several security settings on IBM WebSphere 8 need to be changed and/or confirmed to be in place for the Business Central application to work on WebSphere 8. The following settings enable the container managed authentication mechanisms provided by the WebSphere server.
- In WebSphere 8 administrative console, click on --> . Ensure that the option
Enable Application securityis checked. This may already be checked and overridden at the server level. - Click on Custom properties and then to enter a new custom property with the following details:
Name:com.ibm.ws.security.web.logoutOnHTTPSessionExpireandValue:true. This property instructs the server to invalidate LTPA tokens on session invalidation, thereby making the logout process consistent across multiple users using the same browser.Click and then . - Next, click on --> and create 2 new groups: admin, and analyst.
Note
Add thekie-servergroup as well if you will install the Realtime Decision Server. Also add the REST API groups if you will use API. For further information about API roles, refer to Chapter 17. Remote API. - Click on --> and create a user (for example: business-central-admin) and assign it to the
adminuser group that was created in the previous step.Note that you should not create users with usernames that are identical to group names. For example, do not create a user with the username ofadmin.Note
You may assign this user to any of the groups you have just created. In the actual production systems, you are likely to create separate users for separate groups that align with business roles. The admin group is all encompassing and is therefore useful for the purposes of this setup. Also note that users who need access to the REST API need to be also assigned to appropriate REST API roles. Setup session management custom settings
Next, click on --> --> in your WebSphere administrative console and then select the server on which you are deploying Business Central.- Click on --> . Click .
- In the settings page, enter
InvalidateOnUnauthorizedSessionRequestExceptionand set its value totrue. - Click and then .
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.