Use the following links to find relevant supplemental information about Securing applications and their environment. The information resides on IBM and non-IBM Internet sites, whose sponsors control the technical accuracy of the information.
These links are provided for convenience. Often, the information is not specific to the IBM WebSphere Application Server product, but is useful all or in part for understanding the product. When possible, links are provided to technical papers and Redbooks that supplement the broad coverage of the release documentation with in-depth examinations of particular product areas.
View links to additional information about:
Planning, business scenarios and IT architecture
This article, which applies to Version 5.0.x and later, describes why security is important and provides information on the WebSphere Application Server security architecture.
Programming model and decisions
Refer to http://www-106.ibm.com/developerworks/websphere/library/techarticles/0403_yu/0403_yu.html?ca=dnp-314#IDACKF3B for information on setting up WebSphere Application Server using Sun Java Secure Socket Extension (JSSE) at runtime.
Refer to the http://www.ibm.com/developerworks/java/jdk/security/jsseDocs.zip file for the Javadoc of the application programming interfaces (APIs), JSSE Reference Guide, and JSSE samples.
Look in the http://www.ibm.com/developerworks/java/jdk/security/iKeymanDocs.zip file for the Secure Sockets Layer (SSL) Introduction and iKeyman documentation.
Refer to {was_install_root}/web/docs/aat/en/index.html for AAT documentation. This can help when securing J2EE enterprise applications.
Programming specifications
For programming and usage in JAAS, refer to the documentation located at http://www.ibm.com/developerworks/java/jdk/security/ and scroll down to find the JAAS documentation for your platform. This document contains the following when unpacked:
Administration