Use the following links to find relevant supplemental information about Securing applications and their environment. The information resides on IBM and non-IBM Internet sites, whose sponsors control the technical accuracy of the information.
These links are provided for convenience. Often, the information is not specific to the IBM WebSphere Application Server product, but is useful in all or part for understanding the product. When possible, links are provided to technical papers and Redbooks that supplement the broad coverage of the release documentation with in-depth examinations of particular product areas. View links to additional information about:
See iSeries security resources for information specific to the iSeries and OS/400 platform.
Planning, business scenarios and IT architecture
The technology sample in the WebSphere Application Server Samples Gallery contains several security-related samples including the form login sample and the Java Authentication and Authorization Service (JAAS) login sample.
Programming model and decisions
Refer to http://www-106.ibm.com/developerworks/websphere/library/techarticles/0403_yu/0403_yu.html?ca=dnp-314#IDACKF3B for information on setting up WebSphere Application Server using Sun Java Secure Socket Extension (JSSE) at runtime.
Refer to the http://www.ibm.com/developerworks/java/jdk/security/jsseDocs.zip file for the Javadoc of the APIs, JSSE Reference Guide, and JSSE samples.
Look in the http://www.ibm.com/developerworks/java/jdk/security/iKeymanDocs.zip file for the Secure Sockets Layer (SSL) introduction and iKeyman documentation.
Programming specifications
For programming and usage in JAAS, refer to the specification located at http://www.ibm.com/developerworks/java/jdk/security/ and scroll down to find the JAAS documentation for your platform. This document contains the following when unpacked:
Administration
This is a redpiece or a draft version of WebSphere Application Server Version 6 Security handbook. It is designed to help programmers, administrators, and architects understand the features available in WebSphere Application Server Version 6.
This Web site provides access to the IBM developer kits provided by the IBM Centre for Java Technology Development. Using this Web site, you can find various security and diagnostic information including information on the Federal Information Processing Standard, Java Version 1.4.1, Java Version 1.4.2, the iKeyman tool, and the Public Key Cryptography Standards (PKCS).