Sun OpenSSO Enterprise Policy Agent 3.0 Guide for IBM WebSphere Application Server 6.1/7.0 and WebSphere Portal Server 6.1

Allowing Access to the WebSphere Application Server 6.1/7.0 Administration Console

This task involves creating the corresponding URL policies in the OpenSSO Enterprise Console so that a specific user or group has access to the WebSphere Application Server 6.1/7.0 Administration Console.

ProcedureTo Allow Access to the WebSphere Application Server 6.1/7.0 Administration Console

  1. Log in to the OpenSSO Enterprise Administration Console.

  2. Create URL policies that provide the appropriate subjects with access to the WebSphere Application Server 6.1/7.0 Administration Console.

    Ensure that you give access to both HTTP and HTTPS based administration URLs. For example, you might allow the wasadmingroup access to the WebSphere Application Server 6.1/7.0 Administration Console by setting the following URL patterns:

    • http://host1.subexample.example.com:9060/*

    • https://host1.subexample.example.com:9043/*

    • http://host1.subexample.example.com:9060/*?*

    • https://host1.subexample.example:9043/*?*

    In this example, the WebSphere Application Server 6.1/7.0 Administration Console is running with the HTTP protocol on port 9060 and the HTTPS protocol on port 9043. All other changes to the agent configuration to trap logout events have already been configured by the agent installer. Note that the agent is configured in the most restrictive mode ALL at this point.