InfoCenter Home >
5: Securing applications -- special topics >
5.3: Changes to security since Version 2.0x
Some security features have changed with respect to the security offered by IBM
WebSphere Application Server Version 2.0x. This table summarizes the differences.
Version 3/3.5 |
Version 2 |
Users and groups must originate in a directory service or user registry. |
Users and groups could be created directly in WebSphere Application
Server, independent of a directory service product or the user registry of the operating
system. |
You protect resources individually and at the application level. The
security properties at the application level differ from those you set for individual
resources. |
Individual resources were secured, but the product did not offer
protection to applications (collections of related resources). |
Method groups and application-level security define authorization
policies. |
Realms and access-control lists defined authorization policies. |
There is just one realm, to which all items belong. The administrator
names the realm. |
Multiple realms were offered. |
A discrete security server process provides centralized security services
and policy enforcement to one or more application server runtimes. |
Security features were part of a single application server runtime. |
Sophisticated functionality, including Single Sign On (SSO), delegation,
and the use of LTPA and digital certificates, is supported. |
Basic security policy and services were provided. |
|
|