The topics in this section describe security issues for the IMS™ resource adapter.
The topics included are:
IMS resource adapter security
Information in an Enterprise Information System (EIS) such as IMS must
be protected from unauthorized access. The J2EE Connector Architecture (J2C)
specifies that the application server and the EIS must collaborate to ensure
that only authenticated users are able to access an EIS. The J2C security
architecture extends the end-to-end security model for J2EE-based applications
to include integration with EISs.
Component-managed EIS sign-on
When you specify <res-auth>Application</res-auth> in
the deployment descriptor of your application, component-managed EIS sign-on
is used.
Configuring component-managed EIS sign-on
In most cases, when you create a J2EE application using the wizards
of Rational Application Developer, the default EIS sign-on is component-managed.
The component-managed configuration setting is reflected by the <res-auth>Application</res-auth> directive
of the resource reference used by your application.
Container-managed EIS sign-on
When <res-auth>Container</res-auth> is
specified in the deployment descriptor of the application, container-managed
EIS sign-on will be used.
Configuring container-managed EIS sign-on
Although the method for configuring container-managed EIS sign-on is deprecated in WebSphere Application Server Version 6, this topic uses a Dynamic Web Project to illustrate how to configure a component for container-managed EIS sign-on.
Overview of secure socket layer (SSL)
With the evolution of e-business, data security has become very important for Internet users. The Secure Socket Layer (SSL) protocol ensures that the transfer of sensitive information over the Internet is secure.