How to manually disable WebSphere Portal security

Technote (troubleshooting)


Problem

Sometimes you may find that IBM WebSphere Portal security cannot be disabled using the disable-security task and that you must manually disable security. How is this done?

Resolving the problem



To manually disable security in a standalone version

    1. Make a backup of the security.xml file:
    <wsas profile root>/config/cells/cellname/security.xml

    2. Edit the security.xml file by searching for the first instance of " enabled= ". You should see enabled="true" as in:
      <security:Security xmi:version="2.0" xmi:id="Security_1" useLocalSecurityServer="true" useDomainQualifiedUserNames="false" enabled="true"   cacheTimeout="600" issuePermissionWarning="true" activeProtocol="BOTH" enforceJava2Security="false" enforceFineGrainedJCASecurity="false" activeAuthMechanism="LTPA_1" activeUserRegistry="CustomUserRegistry_1" defaultSSLSettings="SSLConfig_1">

    3. Change to enabled="false".

    4. Save the security.xml file.

    5. Restart server1 and the WebSphere_Portal servers. If you get authentication exceptions while trying to stop the servers, you may have to manually kill the server processes and then restart them.

    6. In the wpconfig.properties file, make the following changes:
      PortalAdminId=wpsadmin
      PortalAdminGroupId=wpsadmins

      Refer to the Information Center link for specific instructions.

    7. Save the wpconfig.propeties file.

    8. Try to disable security again using the disable-security task:

      ./WPSconfig.sh disable-securit y
    At this point, security should be disabled. You can verify by accessing the WebSphere Application Server admin console. You should be prompted for only a user name, not a password.

To manually disable security in a cluster version
    1. Make a backup of the security.xml file on the Deployment Manager machine:
      <dmgr profile root>/config/cells/cellname/security.xml
    2. Edit the security.xml file by searching for the first instance of "enabled= ". You should see enabled="true" as in:
      <security:Security xmi:version="2.0" xmi:id="Security_1" useLocalSecurityServer="true" useDomainQualifiedUserNames="false" enabled="true"  cacheTimeout="600" issuePermissionWarning="true" activeProtocol="BOTH" enforceJava2Security="false" enforceFineGrainedJCASecurity="false" activeAuthMechanism="LTPA_1" activeUserRegistry="CustomUserRegistry_1" defaultSSLSettings="SSLConfig_1">  
    3. Change to enabled="false".

    4. Save the security.xml file.

    5. Copy the security.xml file to the nodes:
      <node 1 profile>/config/cells/cellname/security.xml
      <node 2 profile>/config/cells/cellname/security.xml
    6. Restart DMGR, NodeAgents, and WebSphere_Portal servers. If you get authentication exceptions while trying to stop the servers, you may have to manually kill the server processes and then restart them.

    7. In wpconfig.properties, make the following changes:
      PortalAdminId=wpsadmin
      PortalAdminGroupId=wpsadmins

      Refer to the Information Center link for specific instructions.

    8. Save the wpconfig.propeties file.

    9. Try to disable security again using the disable-security task. Note that the DMGR and the nodeagent should be running:
      ./WPSconfig.sh disable-security
    At this point, security should be disabled. You can verify by accessing the DMGR AdminConsole. You should be prompted for only a user name, not a password.

ADDITIONAL NOTE: This procedure only applies to WebSphere Portal V6.0.x. WebSphere Portal 6.1 does not permit security to be disabled.

Rate this page:

(0 users)Average rating

Document information


More support for:

WebSphere Portal End of Support Products
WebSphere Portal

Software version:

6.0

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows

Software edition:

Server

Reference #:

1295051

Modified date:

2013-08-03

Translate my page

Machine Translation

Content navigation