WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Contents of this section: Securing applications and their environments

Integrating IBM WebSphere Application Server security with existing security systems
This section provides interoperability information. WebSphere Application Server security is an integral part of your multiple-tier enterprise computing framework. WebSphere Application Server adopts the open architecture paradigm and provides many plug-in points to integrate with enterprise software components to provide end-to-end security. WebSphere Application Server plug-in points are based on standard J2EE specifications wherever applicable. WebSphere Application Server is actively involved in various standard bodies to externalize and to standardize plug-in interfaces.
Planning to secure your environment
This section examines some typical configuration and common security practices. There are several communication links from a browser on the Internet, through Web servers and product servers, to the enterprise data at the back end. WebSphere Application Server security is built on a layered security architecture. This section also examines the security protection offered by each security layer and common security practice for good quality of protection in end-to-end security.
Implementing security considerations at installation time
This section describes how to implement security before, during, and after installing the product.
Migrating security configurations from previous releases
This section describes how to migrate your security configurations from a previous product release.
Developing secured applications
This section describes how to implement declarative and programmatic security while developing, assembling, and deploying your applications. The product security components provide or collaborate with other services to provide authentication, authorization, delegation, and data protection. The product also supports the security features described in the Java 2 Enterprise Edition (J2EE) specification.
Assembling secured applications
This section describes how to use assembly tools to secure applications and the EJB and Web modules that comprise them.
Assembling secured applications
This section describes security tasks and considerations as you are deploying applications onto the application server and testing that users can access the secured applications.
Administering security
This section describes how to configure and administer security features, including:
  • Global security
  • Authentication mechanisms (directories and user registries)
  • Authorization policies and providers, including Java Authentication and Authorization Service (JAAS)
  • Trust association interceptors
  • Single signon
  • Common Secure Interoperability Version 2 (CSIv2)
  • Secure Sockets Layer (SSL)
  • Java 2 Security manager
  • Security attribute propagation
Learn about WebSphere applications
This section provides security instructions that are specific to the various types of applications, such as Web applications or Web services.
Tuning security configurations
This section describes how enabling security decreases performance. This information includes considerations for increasing performance.
Troubleshooting security configurations
This section describes how to troubleshoot errors related to security.



Related concepts
Product overview and quick start

Related tasks
How do I secure applications and their environments?

Concept topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/welc_concepts_csec.html

© Copyright IBM Corporation 2003, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)