Configuring WebSphere to Use Anonymous Login

In WebSphere, you can disable security for the entire business services server application by detaching the custom JAX-WS policy set and binding. When you disable security, the system uses anonymous login credentials for authentication for all of the published services instead of the user credentials supplied in the WS-Security part of the SOAP Header. The anonymous login credentials are stored in the jdbj.ini file on the business services server.

To set up anonymous login for JAX-WS business services on WAS:

1. Login to the WAS Admin Console.

2. From the left-hand menu, click Applications > Application Types > WebSphere enterprise applications.

3. On the right-hand Enterprise Applications page, select the business services server application/instance for which you want to set up anonymous login.

4. On the Business Services Server Applications page, with the Configuration tab selected, click the Service provider policy sets and bindings link under the Web Services Properties heading.

   

5. On the Service provider policy sets and bindings page, select the business services server application and click the Detach Policy Set button.

   This action detaches both the policy set and the binding for all of the published services in the business service application.

   

6. Save the changes.

7. Restart the business services server for changes to take effect.

After anonymous login is set up, you can invoke all of the published services in the business services application anonymously without passing user credentials in the WS-Security part of the SOAP Header.