InfoCenter Home >
5: Securing applications -- special topics >
5.3: Changes to security since Version 2.0x

5.3: Changes to security since Version 2.0x

Some security features have changed with respect to the security offered by IBM WebSphere Application Server Version 2.0x. This table summarizes the differences.

Version 3/3.5 Version 2
Users and groups must originate in a directory service or user registry. Users and groups could be created directly in WebSphere Application Server, independent of a directory service product or the user registry of the operating system.
You protect resources individually and at the application level. The security properties at the application level differ from those you set for individual resources. Individual resources were secured, but the product did not offer protection to applications (collections of related resources).
Enterprise beans are protected. The method group concept discussed in the Enterprise JavaBeans (EJB) specification Version 1.1 is integral to security policy for all types of resources in Version 3+. Only servlets and other Web files, such as HTML pages and JavaServer Pages (JSP) files, were protected.
Method groups and application-level security define authorization policies. Realms and access-control lists defined authorization policies.
There is just one realm, to which all items belong. The administrator names the realm. Multiple realms were offered.
A discrete security server process provides centralized security services and policy enforcement to one or more application server runtimes. Security features were part of a single application server runtime.
Sophisticated functionality, including Single Sign On (SSO), delegation, and the use of LTPA and digital certificates, is supported. Basic security policy and services were provided.
Go to previous article: Operating environment Go to next article: Overview: Using programmatic and custom logins

 

 
Go to previous article: Operating environment Go to next article: Overview: Using programmatic and custom logins