Skip to main content

IBM WebSphere Application Server V6.1 Security Handbook

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.

thumbnail 

Published on 28 December 2006, updated 15 June 2009

  1. .PDF (9.2 MB)

 Order hardcopy
Share this page:   

ISBN-10: 0738496707
ISBN-13: 9780738496702
IBM Form #: SG24-6316-01


Authors: Rufus Credle, Tony Chen, Asish Kumar, James Walton and Paul Winters

menu icon

Abstract

This IBM® Redbooks® publication is part of the IBM WebSphere® V6.1 series. It focuses on security and related topics, as well as provides technical details for designing and implementing secure solutions with WebSphere. Designed for IT architects, IT specialists, application designers, application developers, application assemblers, application deployers, and consultants, this book provides information about designing, developing, and deploying secure e-business applications using IBM WebSphere Application Server V6.1. It discusses theory and presents proven exercises performed in our lab by using sample applications.

Part 1 discusses security for the application server and its components, including enterprise applications. It focuses on administrative security and application security, which were previously known as global security. It includes essential information about how to secure Web and Enterprise JavaBeans™ (EJB™) applications and how to develop a Java™ client using security.

Part 2 introduces additional components from the enterprise environment and discusses security beyond the application server. External components include third-party security servers, messaging clients and servers, and database servers.

Part 3 provides a short introduction to development environment security. It includes guidelines and best practices that are applicable to a secure development environment.

Table of Contents

Part 1. Application server security

Chapter 1. Introduction to this book

Chapter 2. Configuring the user registry

Chapter 3. Administrative security

Chapter 4. SSL administration and configuration management

Chapter 5. JAAS for authentication in WebSphere Application Server

Chapter 6. Application security

Chapter 7. Securing a Web application

Chapter 8. Securing an EJB application

Chapter 9. Client security

Chapter 10. Securing the service integration bus

Part 2. Extending security beyond the application server

Chapter 11. Security attribute propagation

Chapter 12. Securing a WebSphere application using Tivoli Access Manager

Chapter 13. Trust Association Interceptors and third-party software integration

Chapter 14. Externalizing authorization with JACC

Chapter 15. Web services security

Chapter 16. Securing access to WebSphere MQ

Chapter 17. J2EE Connector security

Chapter 18. Securing the database connection

Part 3. Development environment

Chapter 19. Development environment security

Appendix A. Additional configurations

Appendix B. Additional material

 

Others who read this also read