Working Securely

By default, Host Integrator security is disabled. When security is enabled for a session server, an administrative login, while always required for the Administrative Console, will also be required for deploying models, generating Web applications, and executing connectors.

Host Integrator security includes authentication, authorization, and encryption.

Note: You can also use SSL to ensure security between the Host Integrator server and an IBM 3270 or AS/400 host. To use SSL, configure your model to use Telnet SSL or Extended Telnet SSL as a transport when you set your connection properties. If you are connecting to a VT host, you can use SSH to ensure a secure connection. To use SSH, configure your model to use SSH when you set your connection properties.

Authentication and Authorization

The management server provides authorization and authentication for both the Administrative Console and Host Integrator. When you first install Host Integrator, you provide a password for the "admin" user. The "admin" user is a built-in user that has access to all the features of the Administrative Console, including Host Integrator configurations. You use the "admin" credentials to log onto the Administrative Console and then assign additional users and groups from configured external LDAP capable directories to authorization profiles. If a management server needs to be manually reset, then the default password of ‘=secretpassword ’ is restored.

How do I configure security?

Using the Administrative Console:
  1. Add sources for security users and groups by either configuring directories or by enabling OS Groups in the Directory perspective.
  2. Assign security users and groups to the authorization profiles, Administrator, Developer, and User, available in the Authorization perspective.
  3. Check the security option for each selected session server on the server property page. Since the Administrative Console is the only way to configure Host Integrator servers, enabling security controls access to servers for configuration purposes and establishes access control for data objects and client programs.
  4. The management server always is running in secure mode (requires a username/password to connect) and is independent of session server security.

The built-in "admin" user is automatically part of all authorization profiles and has access to all areas of the system. To enable security follow the steps above to provide system access to additional users.

Security Profiles

The Host Integrator provides three different security profiles; user, developer, and administrator. The type of access allowed on the server is determined by the security profile the user ID belongs to. This access control is separate from and in addition to the access control provided by the host. There are scenarios in which host user ID's and passwords are sufficient for controlling access; in these cases you may decide not to enable authentication on your servers. See Using Profiles for a complete description of each profile.

Configuring Server Authentication

Although the management server always runs in secure mode and a user name and password is required to access the Administrative Console and configure session server properties, this security does not control access to servers by data objects and client programs. You can establish this access control by enabling security on individual servers.

Encryption

Enabling security on a Host Integrator Server also secures the channel between the server and the clients that connect to it. When security is enabled, a server forces encryption over SSL with every client that connects to it.

Federal Information Processing Standards (FIPS) are guidelines established by the United States government to standardize computer systems. To use FIPS 140-2 validated TLS version 1 encryption for SSL support, in a Windows environment, you must first define an environment variable, VHI_FIPS = 1. After this variable is set all SSL support will use the FIPS 140-2 Crypto Libraries.

When security is disabled on a server, the channel between it and its clients is encrypted only if the clients use the RequireSecureConnection API call. RequireSecureConnection is a state flag. Once it is set, all communication between the client and server is encrypted, regardless of the authentication setting on the server. This scenario is appropriate for environments in which it is not necessary to have access control to the Host Integrator server, but you still want to encrypt information such as host user IDs and passwords. For more information about working with Host Integrator APIs, see Connectors and APIs available from the Design Tool online help.

If RequireSecureConnection is not used or is set to No, the channel between the client and server is still encrypted if authentication is enabled on the server it connects to. Setting this flag to No does not disable encryption.

 

Related Topics
Bullet Using Profiles
Bullet What is a Directory?
Bullet Using Authorization and Authentication