Security Handbook for WebSphere Application Server
[This article is sponsored by Peningo Systems, Inc., a provider of WebSphere Consulting Services on a nationwide basis. For more information on Peningo Systems, please go to the Peningo WebSphere Consultants page ]
IBM has released a Redbook titled “IBM WebSphere Application Server V6.1 Security Handbook”, which is part of the IBM WebSphere V6.1 series. The Redbook focuses on security and security-related topics and provides technical details to design and implement secure solutions with WebSphere.
We at Peningo Systems strongly recommend this RedBook for any WebSphere Consultant / WebSphere Architect / WebSphere Developer who are involved in designing, developing, and deploying secure e-business applications using IBM WebSphere Application Server V6.1.
This Book Consists of 4 Parts:
- Part 1 discusses security for the application server and its components, including enterprise applications. Note that global security has now become known as administrative security and application security. You find essential information on how to secure Web and EJB applications and how to develop a Java client using security.
- Part 2 introduces additional components from the enterprise environment and discusses security beyond the application server.
- External components include third-party security servers, messaging clients and servers, and database servers.
- Part 3 is a short introduction to development environment security. Here you can read about guidelines and best practices that are applicable to a secure development environment.
- Part 4 provides additional information related to chapters in the previous parts.
The following is the Table of Contents for this Redbook Draft:
- Part 1. Application server security
Chapter 1. Introduction
Chapter 2. Configuring the user registry
Chapter 3. Administrative security
Chapter 4. SSL administration
Chapter 5. JAAS for authentication in WebSphere Application Server
Chapter 6. Application security
Chapter 7. Securing a Web application
Chapter 8. Securing an EJB application
Chapter 9. Client security
Chapter 10. Securing the service integration bus - Part 2. Extending security beyond the Application Server
Chapter 11. Security attribute propagation
Chapter 12. Securing a WebSphere application using Tivoli Access Manager
Chapter 13. Trust Association Interceptors and third party software integration
Chapter 14. Externalizing authorization with JACC
Chapter 15. Web services security
Chapter 16. Securing access to WebSphere MQ
Chapter 17. J2EE Connector security
Chapter 18. Securing the database connection - Part 3. Development environment
Chapter 19. Development environment security - Appendix A. Additional configurations
Appendix B. Additional material
To view and download the RedBook Draft in PDF, please go to the link below:
The IBM WebSphere Application Server V6.1 Security Handbook
If you are an "End Client" looking for a WebSphere Consulting Service provider to support your WebSphere Applications, Peningo Systems provides Consultants with expertise in many areas including:
DB2 – UDB,
SAP,
Peregrine / HP Openview AssetCenter and ServiceCenter
J2EE based systems architecture and development.
To see Peningo Systems areas of expertise, please go to the Peningo Technical Areas page or go to the Peningo WebSphere Consultants page.
To see Peningo's other Blogs please go to