Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment
Task overview: Securing resources
WebSphere Application Server (WAS) supports the Java EE model for creating, assembling, securing, and deploying applications. Applications are often created, assembled, and deployed in different phases and by different teams.
We can secure resources in a Java EE environment by following the required high-level steps. Consult the Java EE specifications for complete details.
Procedure
- Set up and enable security. We must address several issues prior to authenticating users, authorizing access to resources, securing applications, and securing communications. These security issues include migration, interoperability, and installation. After installing WAS, determine the proper level of security that is needed for the environment. See Set up, enabling and migrating security.
- Configure multiple domains. Security domains enable you to define multiple security configurations for use in the environment. For example, you can define different security settings (such as a different user registry) for user applications than for administrative applications. We can also define separate security configurations for user applications deployed to different servers and clusters. See Configure multiple security domains.
- Authenticate users. The process of authenticating users involves a user registry and an authentication mechanism. Optionally, you can define trust between WAS and a proxy server, configure single sign-on capability, and specify how to propagate security attributes between application servers. See Authenticate users.
- Authorize access to resources. WAS provides many different methods for authorizing access to resources. For example, you can assign roles to users and configure a built-in or external authorization provider. See Authorizing access to resources.
- Secure communications. WAS provides several methods to secure communication between a server and a client. See Secure communications.
- Develop extensions to the WebSphere security infrastructure. WAS provides various plug points so that you can extend the security infrastructure. See Develop extensions to the WebSphere security infrastructure.
- Use the Auditing Facility to report and track auditable events to ensure the integrity of the system. See Auditing the security infrastructure.
- Secure various types of WebSphere applications. See Secure WebSphere applications for tasks involving developing, deploying, and administering secure applications, including web applications, web services, and many other types. This section highlights the security concerns and tasks that are specific to each type of application.
- Tune, harden, and maintain security configurations. After we have installed WAS, there are several considerations for tuning, strengthening, and maintaining the security configuration. See Tune, hardening, and maintaining security configurations.
- Troubleshoot security configurations. See Troubleshoot security configurations.
Results
Your applications and production environment are secured.
Example
See the Security: Resources for learning article for more information on the WAS security architecture.