Book Image

IBM WebSphere Application Server v7.0 Security

By : Omar P Siliceo (USD), Omar Siliceo
Book Image

IBM WebSphere Application Server v7.0 Security

By: Omar P Siliceo (USD), Omar Siliceo

Overview of this book

In these days of high-profile hacking, server security is no less important than securing your application or network. In addition many companies must comply with government security regulations. No matter how secure your application is, your business is still at risk if your server is vulnerable. Here is how you solve your WebSphere server security worries in the best possible way. This tutorial is focused towards ways in which you can avoid security loop holes. You will learn to solve issues that can cause bother when getting started with securing your IBM WebSphere Application Server v7.0 installation. Moreover, the author has documented details in an easy-to-read format, by providing engaging hands-on exercises and mini-projects. The book starts with an in-depth analysis of the global and administrative security features of WebSphere Application Server v7.0, followed by comprehensive coverage of user registries for user authentication and authorization information. Moving on you will build on the concepts introduced and get hands-on with a mini project. From the next chapter you work with the different front-end architectures of WAS along with the Secure Socket Layer protocol, which offer transport layer security through data encryption. You learn user authentication and data encryption, which demonstrate how a clear text channel can be made safer by using SSL transport to encrypt its data. The book will show you how to enable an enterprise application hosted in a WebSphere Application Server environment to interact with other applications, resources, and services available in a corporate infrastructure. Platform hardening, tuning parameters for tightening security, and troubleshooting are some of the aspects of WebSphere Application Server v7.0 security that are explored in the book. Every chapter builds strong security foundations, by demonstrating concepts and practicing them through the use of dynamic, web-based mini-projects.
Table of Contents (17 chapters)
IBM WebSphere Application Server v7.0 Security
About the Author
About the Reviewers

Creating the portal Dynamic Web Project

The procedure for creating a dynamic web project was reviewed in Chapter 5 under the section Securing a web application | Securing a J2EE web application | Creating the dynamic web application projects. For this reason, the following description will not be very detailed. Only the aspects that are related to RAD and specifics about the EAR version will be pointed out. For simplicity, the term dynamic web project will be denoted as DWP in the rest of this chapter.

Creating the portal DWP

In RAD, using the File menu:

  1. 1. Follow the sequence: File | New Dynamic Web Project.

  2. 2. Name the project chap6-portal-webapp.

  3. 3. Ensure that the version for Dynamic Web Module is 2.5 or higher.

  4. 4. Under the section EAR membership, ensure that Add project to an EAR is checked and that chap6-EAR-miniproject is selected.

  1. 5. Click the Next button.

The properties to be provided on the last screen of the wizard are very important, so they are presented here as subsections to call...