Develop extensions to the WebSphere security infrastructure

WebSphere Application Server provides various plug points so that we can extend the security infrastructure. Extending this security infrastructure involves several activities including: Developing custom user registries, developing applications that use programmatic security, and customizing web application login forms.

The following topics are covered in this section:

Tasks

• Develop custom user registries
• Develop applications that use programmatic security
• Customizing web application login forms
• Customizing application login forms with JAAS
• Secure transports with Java Secure Sockets Extension (JSSE) and Java Cryptography Extension (JCE) programming interfaces
• Implementing tokens for security attribute propagation
• Implementing a custom authentication provider using JASPI

Subtopics

• Develop stand-alone custom registries
  

• Develop a custom SAF EJB role mapper
  
• Implementing custom password encryption
  
• Develop applications that use programmatic security
  
• Customizing web application login
  
• Secure transports with JSSE and JCE programming interfaces
  

• Use System Authorization Facility keyrings with Java Secure Sockets Extension
  
• Configure Federal Information Processing Standard Java Secure Socket Extension files
  
• WAS security standards configurations
  
• Configure WAS for the Suite B security standard
  
• Transitioning WAS to the SP800-131 security standard
  
• Configure WAS for SP800-131 standard strict mode
  
• Implementing tokens for security attribute propagation
  
• Develop a custom interceptor for trust associations
  
• Enable a plugpoint for custom password encryption
  
• Implementing a custom authentication provider using JASPI
  

Create a CA client in SSL