Setting up, enabling and migrating security
You must address several issues prior to authenticating
users, authorizing access to resources, securing applications, and
securing communications. These security issues include migration,
interoperability, and installation.
Configuring multiple security domains
By default, all administrative and user applications in WebSphere Application Server
use the global security configuration. For example, a user registry
defined in global security is used to authenticate users for every
application in the cell. Out of the box, this behavior is the same
as it was in previous releases of WebSphere Application
Server. You can create additional WebSphere security domains if you
want to specify different security attributes for some or all of your
user applications. This section describes how to configure a security
domain by using the administrative console.
Authenticating users
The process of authenticating users involves a user registry
and an authentication mechanism. Optionally, you can define trust
between WebSphere Application Server and a proxy
server, configure single sign-on capability, and specify how to propagate
security attributes between application servers.
Authorizing access to resources
WebSphere Application Server provides many
different methods for authorizing access to resources. For example,
you can assign roles to users and configure a built-in or external
authorization provider.
Securing communications
WebSphere Application Server provides several
methods to secure communication between a server and a client.
Auditing the security infrastructure
You can use the Auditing Facility to report and track auditable
events to ensure the integrity of your system.