[Version 5.0.2 and later]Being secure with WebSphere Application Server for z/OS

Functions supported on WebSphere Application Server for z/OS Version 5, WebSphere Application Server for z/OS Version 4, or WebSphere Application Server Distributed Version 5


Functions supported on WebSphere Application Server for z/OS V5, WebSphere Application Server for z/OS Version 4, or WebSphere Application Server Distributed Version 5
Function WebSphere Application Server for z/OS Version 5 WebSphere Application Server for z/OS Version 4 WebSphere Application Server Distributed Version 5 Notes
RunAs EJB x x x  
RunAs for Servlets x   x  
SAF-based IIOP Protocols x x    
z/OS connector facilities x x    
Global security enable or disable x   x  
CORBA security interfaces     x Refer to Migrating to WebSphere Application Server V5.0.
RACF keyrings x x    
Authentication functions x x x Examples: Basic, SSL digital certificates, form-based login, security constraints, trust association interceptor
J2EE security resources x x x  
Security environment x   x  
Web authentication (LTPA) x   x  
Web authentication (ICSF) x x    
EJB using LTPA x   x  
WebSphere application bindings x   x  
DCE   x    
Application-level sync-to thread x      
Method-level sync-to thread x x    
Role-based naming security x   x  
Role-based administrative security x   x  
SAF registries x x    
Identity assertion x x x
  • Use trusted servers or CBIND for server authorization required.
  • On WebSphere Application Server for z/OS Version 4 you must use z/OS Secure Authentication Services (zSAS).
CORBA     x Refer to Migrating Common Object Request Broker Architecture programmatic login to Java Authentication and Authorization Service
Authentication protocols       Example: CSIV2
CSIv2 conformance level "0" x   x  
J2EE compliance x x x  
JAAS programming model WebSphere extensions x   x  


When Migrating to WebSphere Application Server V5.0 there are some things to consider. All basic Version 5 authentication mechanisms for Web clients are similar Version 4, meaning enhancements provided to functions and structure for compatibility.

Key similarities include:

Comparing WebSphere Application Server for z/OS Version 5 with WebSphere Application Server for Network Deployment on Distributed Version 5

A key similarity:

Key differences include:

J2EE 1.3 compliance

Being J2EE-compliant involves:

Compliance with WebSphere Network Deployment at the API/SPI level

Compliance with WebSphere Network Deployment at the API/SPI level makes deploying applications from Network Deployment on z/OS easier. Features enhanced or deprecated by Network Deployment are enhanced or deprecated by z/OS. However, this does not mean there is no migration for z/OS customers. Compliance with WebSphere Network Deployment at the API/SPI level includes:


Related tasks
Integrating IBM WebSphere Application Server security with existing security systems
Securing applications and their environments



Searchable topic ID:   csecoversecure
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/csec_oversecure.html

Library | Support | Terms of Use | Feedback