Security: Resources for learning
Use the following links to find relevant supplemental information about Secure applications. The information resides on IBM and non-IBM Internet sites, whose sponsors control the technical accuracy of the information.
These links are provided for convenience. Often, the information is not specific to the IBM WebSphere Application Server, but is useful in all or part for understanding the product. When possible, links are provided to technical papers and IBM Redbooks that supplement the broad coverage of the release documentation with in-depth examinations of particular product areas.
View links to additional information about:
- Planning, business scenarios and IT architecture
- Programming model and decisions
- Programming specifications
- Administration
- Tutorials
Planning, business scenarios and IT architecture
- WAS Library
- WAS Support
- WAS v6 Security
- Access the samples
The technology sample in the WAS Samples Gallery contains several security-related samples including the form login sample and the JAAS login sample.
- WAS security: Presentation series
Programming model and decisions
- IBM Software Development Kit resource packages and documentation
This website contains documentation, example code, and ancillary files relating to the IBM Software Development Kits (SDK). We can obtain information about the IBM implementation of Java Secure Sockets Extension (JSSE), Java Cryptography Extension (JCE), Java Generic Security Services (JGSS), iKeyman, and so on.
- Federated Identity Management and Web Services Security with IBM Tivoli Security Solutions
Programming specifications
- J2EE Specifications
- EJB Specifications
- Servlet Specifications
- Common Secure Interoperability v2 (CSIv2) Specification
- JAAS Specification.
For programming and usage in JAAS, refer to the specification located at http://www.ibm.com/developerworks/java/jdk/security/ and scroll down to find the JAAS documentation for the platform. This document contains the following when unpacked:
- login.html - LoginModule Developer's Guide
- api.html - Developer's Guide (JAAS JavaDoc)
- HelloWorld.tar - Sample JAAS Application
- Java 2 Platform, Standard Edition, v5.0 API Specification
- Java Authorization Contract for Containers (JSR 115) Specification
- Java Authentication Service Provider Interface for Containers (JSR 196) Specification
- The Kerberos Network Authentication Service v5
- The Simple and Protected GSS-API Negotiation Mechanism
- Kerberos: The Network Authentication Protocol
Administration
- WAS v6: Security Handbook
This is a redpiece or a draft version of WAS v6 Security handbook. It is designed to help programmers, administrators, and architects understand the features available in WAS v6. WAS V6 Migration Guide
- IBM WebSphere v5.0 Security
This book provides an overview of WAS v5 Security, including J2EE security and programmatic security techniques. It also provides information about end-to-end security solutions that include WAS v5 as part of an e-business solution.
- IBM HTTP Server Support and Documentation
- IBM Directory Server Support and Documentation
- IBM developer kits
This website provides access to the IBM developer kits provided by the IBM Centre for Java Technology Development. Using this website, we can find various security and diagnostic information including information on the Federal Information Processing Standard, Java v1.4.1, Java v1.4.2, the iKeyman tool, and the Public Key Cryptography Standards (PKCS).
- IBM cryptographic hardware devices
- Supported hardware, software and APIs prerequisite website
- IBM Education Assistant
- Understanding LDAP - Design and Implementation
- WebSphere security fundamentals
- Advanced authentication in WAS
Tutorials
- IBM Education Assistant: Enabling security best practices tutorials
See these tutorials for overview information about WAS security.
Related concepts:
New features overview for securing applications and their environment
Related
Tasks: Securing resources