Summary
In this chapter, we learned that for global security to work, we need a repository of users, and groups of users, who are authorized to access the Administrative console. WAS uses three main types of registries, which can be used to store the users and groups that are given access to log in and configure the server. On large systems used by businesses and other organizations, there will likely be several system administrators and application servers dispersed across more than one machine and, if you use a local OS user registry, each machine would have its own user registry and it would be hard to keep them all up-to-date and secure. Hence LDAP is a better option. We also learned that it is possible to federate multiple repositories together, allowing user searches to be done across multiple mixed repositories. We covered security domains that allow different security attributes configured to separate security concerns as might be required in a real-world WAS installation. LTPA keys...
