Planning to secure your environment

In a WebSphere Process Server environment there are many communications which occur: from a browser on the Internet, through Web servers and product servers, to the enterprise data at the back-end. All of these communication links require consideration if the entire environment is to be secure. Typical configurations and common security practices are described.

Before you begin

Why and when to perform this task

Complete the following steps to plan the security of your environment.

Steps for this task

  1. Review the WebSphere Process Server security architecture.
  2. Review each of the following topics in the WebSphere Application Server Information Center.
    1. Global security and server security
    2. Authentication protocol for EJB security
      • Supported authentication protocols
      • Common Secure Interoperability Version 2 features
      • Identity assertion
    3. Authentication mechanisms
      • Lightweight Third Party Authentication settings
      • Trust associations
      • Single signon
    4. User registries
      • Local operating system user registries
      • Lightweight Directory Access Protocol
    5. Custom user registries
    6. Java 2 security
      • Java 2 security policy files
    7. Java Authentication and Authorization Service
      • Programmatic login
    8. J2EE connector security
    9. Access control exception
      • Role-based authorization
      • Administrative console and naming service authorization
    10. Secure Sockets Layer
      • Authenticity
      • Confidentiality
      • Integrity

Terms of use |

Last updated:

Copyright IBM Corporation 2005.
This information center is powered by Eclipse technology (http://www.eclipse.org)