- IBM WebSphere Application Server v7.0 Security
- IBM WebSphere Application Server v7.0 Security
- Credits
- About the Author
- About the Reviewers
- www.PacktPub.com
- Preface
- 1. A Threefold View of WebSphere Application Server Security
- 2. Securing the Administrative Interface
- Information needed: Planning for security
- Enabling security
- Setting the domain name
- Configuring the user registry
- Locating the user registry configuration area
- Registry type selection
- LDAP—the preferred choice
- Reviewing the resulting standalone LDAP registry page
- Defining the WebSphere administrative ID
- Setting the type of LDAP server
- Entering the LDAP server parameters
- Providing the LDAP bind identity parameters
- Confirming other miscellaneous LDAP server parameters
- Applying and saving the standalone LDAP configuration
- Confirming the configuration
- Enabling the administrative security
- Administrative roles
- Disabling security
- Summary
- 3. Configuring User Authentication and Access
- Security domains
- Administrative security domain
- User registry concepts
- Supported user registry types
- Protecting application servers
- Summary
- 4. Front-End Communication Security
- 5. Securing Web Applications
- Securing web applications concepts
- Securing a web application
- Project objectives
- Assumptions
- Prerequisites
- Enterprise application architecture
- Securing a J2EE web application
- Creating the enterprise application project
- Creating the dynamic web application projects
- Configuring dynamic web applications
- Configuring enterprise applications
- Adding content to dynamic web applications
- Packaging an enterprise application
- Deploying the enterprise application
- Testing the enterprise application
- Summary
- 6. Securing Enterprise Java Beans Applications
- EJB application security concepts
- EJB project design
- EJB project prerequisites and assumptions
- Creating an Enterprise Application Project
- Creating the portal Dynamic Web Project
- Creating content for the portal DWP
- Creating an EJB project
- The grand finale
- Summary
- 7. Securing Back-end Communication
- 8. Secure Enterprise Infrastructure Architectures
- 9. WebSphere Default Installation Hardening
- 10. Platform Hardening
- 11. Security Tuning and Troubleshooting
- Tuning WebSphere security
- Troubleshooting WebSphere security-related issues
- Concluding WebSphere security-related tips
- Summary
This chapter covered two powerful concepts that will enable you to add security to your WebSphere environment. They are authentication as applied to resources and data encryption:
- Whenever possible, move the authentication to resources aspect out of the application. Create JASS-J2C aliases at the resource level to provide the credentials needed to access the back-end resource. This technique can be easily applied to JDBC Data Sources and to JMS Queues.
- If the nature of the data exchanged with a back-end resource is sensitive, apply encryption to the channel. The preferred form is to use SSL communication. If that is not possible, research other alternatives such as VPNs.
I feel full of energy; I am not sure about you. This chapter seemed short in comparison with the previous one. Perhaps I miss having a mini project. So go get a cup of tea and let's move onto the next chapter, WebSphere default installation hardening. What do you say?
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.