Jazz Library Tip: Configuring WAS with Federated realm
Author name

Tip: Configuring WAS with Federated realm

Last Updated: October 31, 2008
Author: Daniel Kogan

Summary

In this article, we will provide step by step guidance of how to setup WAS with Federated realm to install Jazz Server including discussion on Application Server Realm Configuration, Group Management, Security setting.

For the General WAS setup with Jazz please follow this Installing Jazz Team Server with WAS article.

More Information

Jazz uses J2EE container managed authentication for login and system permissions. For application security to work, you must configure a realm with the application server. For the full application functionality, including viewing system user roles and importing users, Jazz supports an LDAP realm.

For the WAS setup with LDAP server please follow the WAS LDAP realm setup article

If you are just testing, however, you can also configure a file based realm for application security. This realm will then be used for authentication and authorization, but Jazz will not be able to query what roles a user has or import users. The following sections show you how to configure the file based realm for application security.

Local File Authentication Setup

In this section we will show how to setup and configure Local file based authentication using Federated realm.

  1. In the WAS Admin Console go to Secure Administration, applications, and infrastructure Servers menu option in the left menu column



  2. For Local Authentication, choose Federated Realm. When selecting the Realm to configure Set as current button needs to be activated in order to save this option.

  3. Note 

      Unless Set as current button is clicked the chosen Realm might not be the one used for Jazz deployment (see the image below)




  4. Press the Configure button to go into Realm Configuration Screen.


  5. Verify the values. Make sure that Primary Administrative user name is set to the WAS admin. Click on Apply and then Save.

  6. Note

  • With the Federated Realm no special values need to be provided.
  • It is recommended to restart the WAS server after security setup before the application deployment.
  • The realm needs to be chosen and setup before defining groups and users.

Groups and Users Setup

In this section we will show how to setup and configure Groups and Users to be used for the local file based authentication.

  1. In order to run Jazz server you need to define the groups and users in the WAS repository that would later be mapped to the Jazz groups from the deployment descriptor. In order to do it click on Users and Groups in the left panel


  2. Note
    • Make sure that you add groups before installing Jazz application. As the Jazz.war is known to conflict with the user management session in WAS.
    • If you already installed Jazz.war and User Management Link brings empty screen (nothing below the Manage Group title) you should uninstall the Jazz war, save configuration, restart WAS service and then create the groups following by deploying Jazz all over from the start.




  3. In the “Manage Groups” section, you need to create 4 groups by clicking on “Create” button.


  4. And providing these names:
    • JazzAdmins
    • JazzDWAdmins
    • JazzGuests
    • JazzUsers

    At the end it should look like this:



  1. In the “Manage Users” section, you need to create user for each of the user that you are planning to run Jazz with.



  2. The ADMIN is the name used to configure Jazz so it must be created and linked to the JazzAdmins group. Create other names as needed and assign then to the appropriate group.

Tue, 11 Nov 2008