You must address several issues prior to authenticating
users, authorizing access to resources, securing applications, and
securing communications. These security issues include migration,
interoperability, and installation.
About this task
After installing WebSphere® Application Server,
you can determine the proper level of security that is needed for
your environment. By default, administrative security is enabled and
provides the authentication of users using the WebSphere administration functions, the use of Secure Sockets Layer (SSL),
and the choice of user account repository.
![[Updated in July 2011]](../../delta.gif)
You
can also use the following permissions to enhance security:
- Use the getSSLConfig permission to give your application code
the ability to call several of the JSSEHelper methods. For more information
about these methods, see the description of the com.ibm.websphere.ssl.JSSEHelper
API in the Programming interfaces section of the Information Center.
- Use the AdminPermission permission to give your application code
the ability to call WebSphere Application Server administrative APIs.
See the topic Setting Java 2 security permissions for an example of
how to set this permission.
- Use the accessRuntimeClasses permission to give your application
code the ability to load classes that are included with the product.
If you are operating in an environment that normally restricts access
to these classes, this permission enables your application code to
bypass this restriction during class loading. See the topic Global
security settings for a description of how to set this permission.
![[Updated in July 2011]](../../deltaend.gif)
jul2011
The following information is covered in this section:
Procedure
Enable security for all your application servers or for
specific application servers in your realm. For more information, see Enabling security.
What to do next
After installing WebSphere Application Server
and securing your environment, you must authenticate users. For more
information, see
Authenticating users.