Table of Contents

Search

  1. Preface
  2. Installation Overview
  3. Pre-Installation Tasks
  4. Hub Store Installation
  5. Hub Server Installation
  6. Hub Server Post-Installation Tasks
  7. Process Server Installation
  8. Process Server Post-Installation Tasks
  9. ActiveVOS Post-Installation Tasks for the Application Server
  10. ActiveVOS Post-Installation Tasks for the Business Entity Adapter
  11. Resource Kit Installation
  12. Resource Kit Post-Installation Tasks
  13. Troubleshooting the MDM Hub
  14. Uninstallation

Installation Guide for IBM DB2 with Red Hat JBoss

Installation Guide for IBM DB2 with Red Hat JBoss

Configuring EJB Security

Configuring EJB Security

You can configure EJB security at the JBoss application server level or at the Hub Server level to prevent unauthorized access to data and other resources in the
MDM Hub
. To configure EJB security at the JBoss application server level, enable the JBoss remoting-connector security.
  1. Log in to the Hub Console and change the Hub Console password to a password that adheres to the JBoss password policy.
    Ensure that the password that you set adheres to the JBoss password policy and the configured MDM Hub global password policy. This is important because the same password needs to be set for the Hub Console and for JBoss.
    For information about the MDM Hub global password policy, see the
    Multidomain MDM Configuration Guide
    .
    1. Disable remoting-connector security.
    2. Change the Hub Console password to adhere to the JBoss password policy.
      1. Log in to the Hub Console, change the database to the MDM Hub Master Database, and click
        Connect
        .
      2. Select the
        Users
        tool under
        Configuration
        workbenches and acquire a write lock.
      3. Select the
        admin
        user under the
        User
        tab, and click the
        Change password
        icon.
        The
        Change Password
        dialog box appears.
      4. Change the password to adhere to the JBoss password policy, and click
        OK
        .
  2. Enable the remoting-connector security in the
    standalone-full.xml
    file.
    1. Open the
      standalone-full.xml
      file in the following directory:
      <
      JBoss installation directory
      >/standalone/configuration
    2. Add the
      security-realm
      attribute as shown in the following code:
      In the subsystem with the name
      urn:jboss:domain:remoting:<n.n>
      , add the following attribute to the
      remoting-connector
      configuration:
      security-realm=<"<
      security realm name
      >">
  3. In JBoss, register the
    MDM Hub
    users that must have access to the Hub Server.
    1. Run the following script to register the
      MDM Hub
      users:
      On UNIX.
      <
      JBoss installation directory
      >/bin/add-user.sh
      On Windows.
      <
      JBoss installation directory
      >\bin\add-user.bat
    2. Answer the prompts in the following table:
      Prompt
      Value
      What type of user do you wish to add?
      a) Management User (mgmt-users.properties)
      b) Application User (application-users.properties)
      Specify the option
      b
      .
      Realm (ApplicationRealm)
      Use the name of the security realm. Default is
      ApplicationRealm
      .
      Username
      User name of the MDM Hub user.
      Password
      Password of the MDM Hub user that adheres to JBoss password policy.
      What roles do you want this user to belong to?
      You must specify
      hubconsole
      .
  4. Enable JBoss security on the Hub Server.
    1. Open
      cmxserver.properties
      in the following directory:
      <
      MDM Hub installation directory
      >/hub/server/resources
    2. Uncomment the following property:
      #cmx.jboss7.security.enabled=true
  5. Repackage the Hub Server EAR files.
    1. Navigate to the following directory:
      <
      MDM Hub installation directory
      >/hub/server/bin
    2. Run the following command:
      On UNIX.
      ./sip_ant.sh repackage
      On Windows.
      sip_ant.bat repackage
  6. Deploy the Hub Server EAR files.
    1. Stop the JBoss application server.
    2. If you have any existing deployments, remove the following deployment files from the JBoss deployment directory:
      Deployment File Name
      Description
      siperian-mrm.ear
      Required. The Hub Server application.
      provisioning-ear.ear
      Required. The Provisioning tool application.
      entity360view-ear.ear
      Optional. The Entity 360 framework.
      informatica-mdm-platform-ear.ear
      Optional. The Informatica platform application.
      ave_jboss.ear
      Optional. The ActiveVOS server application.
      activevos-central.war
      Optional. The ActiveVOS Central application.
    3. Copy the deployment files listed in the preceding step from the source to the target directories:
      Source: Hub Server installation directory
      Target:
      <
      JBoss installation directory
      >\standalone\deployments
    4. Start the application server.
      For more information about deploying applications, see the JBoss documentation.

0 COMMENTS

We’d like to hear from you!