Application server security and IBM Security Identity Manager

ISIM uses application server security, for example WebSphere Application Server security, to enforce authentication and role-based authorization. Application server security includes both administrative and web application security. Administrative security must be enabled before IBM Security Identity Manager is installed. Web application security is required for functionality. Security domains can be used to define non-global security scopes for web applications.

When installing ISIM, we select either the default custom registry provided with ISIM, or we select an external user registry. For the default custom registry, the installation program automatically creates a security domain that has application security enabled. For an external user registry, manually enable application security for the security domain that ISIM uses. The external user registry can operate at the global security level, or can be part of a specific security domain. For an external user registry used for global security, we must enable application security for global security. For an external user registry associated with a security domain, we must enable application security for that security domain.

See External user registry for authentication.

Parent topic: Security