WebSEAL introduction

WebSEAL is a reverse web proxy that forwards requests to, and protects, internal web-based information and resources. WebSEAL receives http/https requests from a web browser and delivers content either from its own web server or from junctioned back-end web application servers. WebSEAL provides single sign-on solutions to back-end web applications via a security policy. Requests passing through WebSEAL are evaluated by the ISAM authorization service to determine whether the user is authorized to access the requested resource.

WebSEAL integrates and protects back-end server resources using junctions, which provide a unified view of a combined protected object space. WebSEAL manages fine-grained access control for the local and back-end server resources. Supported resources include:

• URLs
• URL-based regular expressions
• CGI programs
• HTML files
• Java servlets
• Java class files

WebSEAL appears as a web server to clients and appears as a web browser to the back-end servers it is protecting.

Parent topic: IBM Security Verify Access WebSEAL overview

Related concepts

• Introduction to IBM Security Verify Access
• ISAM appliance
• WebSEAL functionality on the appliance
• Security concepts for a WebSEAL deployment
• Authorization process
• Security policy planning
• Content types and levels of protection
• WebSEAL authentication
• Standard WebSEAL junctions
• Web space scalability