The LDAP protocol (denoted as just LDAP in this chapter) is the back-end channel used by the WebSphere infrastructure to obtain information about users and groups. There are mainly two uses in a WebSphere Application Server infrastructure for this type of information: authentication and authorization, as reviewed in Chapter 3, Configuring User Authentication and Access. Usually, the data transmitted between the WebSphere infrastructure and an LDAP server is very sensitive in nature as it may contain user credentials information among other things. Therefore, this section will highlight the aspects that allow securing the WebSphere-LDAP communication channel.
The next three subsections will briefly describe the importance of securing the WebSphere-LDAP channel. In addition, these sections point out the choices that the WebSphere Application Server ND v7 offers for securing the WebSphere-LDAP channel.