WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Overview and new features for securing applications and their environment

What is new What is new for security specialists

This topic provides an overview of new and changed features in security.

Presentation WebSphere security architecture
This IBM Education Assistant presentation provides an overview of the security architecture. Additional presentations are available that focus on the following concepts:
Conceptual overview Introduction: Security

This topic describes how IBM WebSphere Application Server provides security infrastructure and mechanisms to protect sensitive Java 2 Platform, Enterprise Edition (J2EE) resources and administrative resources and to address enterprise end-to-end security requirements on authentication, resource access control, data integrity, confidentiality, privacy, and secure interoperability.

Conceptual overview Integrating IBM WebSphere Application Server security with existing security systems

This topic describes how the product security features relate to the security features of the environment into which you have added application serving capability.

Conceptual overview Planning to secure your environment

Several communication links are provided from a browser on the Internet, through Web servers and product servers, to the enterprise data at the back-end. This topic examines some typical configuration and common security practices. WebSphere Application Server security is built on a layered security architecture. This section also examines the security protection offered by each security layer and common security practice for good quality of protection in end-to-end security.

Samples

Samples The Samples Gallery offers:
  • Login - Form Login

    The Form Login Sample demonstrates a very simple example of how to use the login facilities for WebSphere Application Server to implement and configure login applications. The Sample uses the Java 2 Platform, Enterprise Edition (J2EE) form-based login technology to customize the look and feel of the login screens. It uses servlet filters to log the user information and the date information. The Sample finishes the session by using the form-based logout function, an IBM extension to the J2EE specification.

  • Login - JAAS Login

    The JAAS Login Sample demonstrates how to use the Java Authentication and Authorization Service (JAAS) with WebSphere Application Server. The Sample uses server-side login with JAAS to authenticate a real user to the WebSphere security run time. Based upon a successful login, the WebSphere security run time uses the authenticated Subject to perform authorization checks on a protected stateless session enterprise bean. If the Sample runs successfully, it displays all the principals and public credentials of the authenticated user.

Concept topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/welc_content_csec.html

© Copyright IBM Corporation 2003, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)