Administering security

 

Administering security

Administering secure applications requires access to the WebSphere Application Server administrative console. Log in with a valid user ID and password that have administrative access. To administer security, complete these steps:

  1. Configure global security. For more information, see Configuring global security.

  2. Assign users to administrator roles. For more information, see Assigning users to administrator roles.

  3. Assign users to naming roles. For more information, see Assigning users to naming roles.

  4. Configure authentication mechanisms. For more information, see Configuring authentication mechanisms.

  5. Configure Lightweight Third Party Authentication. For more information, see Configuring Lightweight Third Party Authentication.

  6. Configure trust association interceptors. For more information, see Configuring trust association interceptors.

  7. Configure single signon. For more information, see Configuring single signon.

  8. Configure user registries. For more information, see Configuring user registries.

    1. Configure local operating system user registries. For more information, see Configuring local operating system user registries.

    2. Configure Lightweight Directory Access Protocol user registries. For more information, see Configuring Lightweight Directory Access Protocol user registries.

    3. Configure custom user registries. For more information, see Configuring custom user registries.

  9. Configure Java Authentication and Authorization Service login. For more information, see Configuring application logins for Java Authentication and Authorization Service.

  10. Configure an authorization provider. For more information, see Configuring a JACC provider. To configure the Tivoli Access Manager Java Authorization Contract for Containers (JACC) provider, see either Configuring the JACC provider for Tivoli Access Manager using the wsadmin utility or Configuring the JACC provider for Tivoli Access Manager using the administrative console.

  11. Configure the Common Secure Interoperability Version 2 and Security Authentication Service authentication protocols. For more information, see Configuring Common Secure Interoperability Version 2 and Security Authentication Service authentication protocols.

  12. Configure Secure Sockets Layer. For more information, see Configuring Secure Sockets Layer .

  13. Configure Java 2 Security Manager. For more information, see Configuring Java 2 security.

  14. Optional: Configure security attribute propagation. For more information, see Security attribute propagation.


Sub-topics
Global security
Configuring global security
Administrative console and naming service authorization
Assigning users to administrator roles
Assigning users to naming roles
Authentication mechanisms
Configuring authentication mechanisms
User registries
Configuring user registries
Java Authentication and Authorization Service
Configuring application logins for Java Authentication and Authorization Service
Identity mapping
Configuring inbound identity mapping
Configuring outbound mapping to a different target realm
Security attribute propagation
Enabling security attribute propagation
Default PropagationToken
Implementing a custom PropagationToken
Default AuthorizationToken
Implementing a custom AuthorizationToken
Default SingleSignonToken
Implementing a custom SingleSignonToken
Default AuthenticationToken
Implementing a custom AuthenticationToken
Propagating a custom Java serializable object
Authorization in WebSphere Application Server
JACC providers
JACC support in WebSphere Application Server
Enabling an external JACC provider
Propagating security policy of installed applications to a JACC provider using wsadmin
Configuring a JACC provider
Interfaces used to support JACC
Tivoli Access Manager integration as the JACC provider
Tivoli Access Manager security for WebSphere Application Server
Creating the security administrative user
Tivoli Access Manager JACC provider configuration
Configuring the JACC provider for Tivoli Access Manager using the wsadmin utility
Configuring the JACC provider for Tivoli Access Manager using the administrative console
Enabling the JACC provider for Tivoli Access Manager
Configuring additional authorization servers
Role-based security with embedded Tivoli Access Manager
Administering security users and roles with Tivoli Access Manager
Configuring Tivoli Access Manager groups
Tivoli Access Manager JACC provider configuration properties
Logging Tivoli Access Manager security
Enabling embedded Tivoli Access Manager
Disabling embedded Tivoli Access Manager client
Disabling embedded Tivoli Access Manager client using the Administration Console
Disabling embedded Tivoli Access Manager client using wsadmin
Forcing the unconfiguration of the Tivoli Access Manager JACC provider
Updating console users and groups
The Tivoli Access Manager migrateEAR utility
Troubleshooting authorization providers
Authentication protocol for EJB security
Configuring Common Secure Interoperability Version 2 and Security Authentication Service authentication protocols
Secure Sockets Layer
Configuring Secure Sockets Layer
Cryptographic token support
Opening a cryptographic token using the key management utility (iKeyman)
Configuring to use cryptographic tokens
Using Java Secure Socket Extension and Java Cryptography Extension with Servlets and enterprise bean files
Java 2 security
Configuring Java 2 security

Related tasks
Configuring single signon