Secure Socket Layer overview
Configuring WebSphere Portal for SSL encrypts traffic between the client browser and the portal server.
In addition, assuming that the WAS on which portal is running is also configured to accept (or even require) SSL connections, the LTPA Token and other security and session information can be completely protected against hijack and replay attacks.
Configuring WebSphere Portal for SSL involves configuring the following components:
- HTTP server running in front of WebSphere Application Server
- WebSphere Application Server
- WebSphere Portal
In general, the Web server must be configured to accept inbound SSL traffic. Then, the WAS plugin for the Web server must be configured to forward traffic on that port to WAS and WebSphere Portal. This involves configuring the virtual host information. Finally, WebSphere Portal must be set up to generate self-referencing URLs using SSL as the transport.
This procedure might be slightly different if a front-end security proxy server such as Tivoli Access Manager WebSEAL is used. In that case, the front-end security server handles the client SSL connections. The Web server receives connections from the front-end security proxy server. Mutually authenticated SSL could be configured in the Web server and the front-end security proxy server if needed.
Complete the following procedures to encrypt all Portal requests...
Parent topic:
Configuring security