The best practice is not using of internal repository of users in BPM's production environment.
How to do this?
Very simply.
1. Open ISC. Security - Global Security - Federated Repositories - Configure.
2. Check the repository named o=twinternal and press Remove. OK. Save.
3. Enable WAS security. Security - Global Security - uncheck Enable administrative security. OK. Save.
4. Restart WAS.
5. Open ISC. Security - Global Security - use Security Configuration Wizard for enabling of security.
6. Restart WAS.
7. Open ISC. Create tw_admin, tw_author and others users named as internal in WAS repository (Users and Groups - Manage Users). Also create the group WSecurityProviderUsers.
8. Open Applications - Enterprise Applications > IBM_BPM_PerformanceDW_..._server1 > User RunAs roles and map your tw_user and its password to the application's RunAs role.
9. Open Applications - Enterprise Applications - IBM_BPM_Teamworks_..._server1 - User RunAs roles and map your tw_admin and its password to the application's RunAs role.
10. Restart WAS.
Return to the internal: http://bpmadmin.blogspot.ru/2012/12/the-twsecurityproviderusers-entity-was.html
How to do this?
Very simply.
1. Open ISC. Security - Global Security - Federated Repositories - Configure.
2. Check the repository named o=twinternal and press Remove. OK. Save.
3. Enable WAS security. Security - Global Security - uncheck Enable administrative security. OK. Save.
4. Restart WAS.
5. Open ISC. Security - Global Security - use Security Configuration Wizard for enabling of security.
6. Restart WAS.
7. Open ISC. Create tw_admin, tw_author and others users named as internal in WAS repository (Users and Groups - Manage Users). Also create the group WSecurityProviderUsers.
8. Open Applications - Enterprise Applications > IBM_BPM_PerformanceDW_..._server1 > User RunAs roles and map your tw_user and its password to the application's RunAs role.
9. Open Applications - Enterprise Applications - IBM_BPM_Teamworks_..._server1 - User RunAs roles and map your tw_admin and its password to the application's RunAs role.
10. Restart WAS.
Return to the internal: http://bpmadmin.blogspot.ru/2012/12/the-twsecurityproviderusers-entity-was.html
No comments:
Post a Comment