Book Image

IBM WebSphere Application Server v7.0 Security

By : Omar P Siliceo (USD)
Book Image

IBM WebSphere Application Server v7.0 Security

By: Omar P Siliceo (USD)

Overview of this book

In these days of high-profile hacking, server security is no less important than securing your application or network. In addition many companies must comply with government security regulations. No matter how secure your application is, your business is still at risk if your server is vulnerable. Here is how you solve your WebSphere server security worries in the best possible way. This tutorial is focused towards ways in which you can avoid security loop holes. You will learn to solve issues that can cause bother when getting started with securing your IBM WebSphere Application Server v7.0 installation. Moreover, the author has documented details in an easy-to-read format, by providing engaging hands-on exercises and mini-projects. The book starts with an in-depth analysis of the global and administrative security features of WebSphere Application Server v7.0, followed by comprehensive coverage of user registries for user authentication and authorization information. Moving on you will build on the concepts introduced and get hands-on with a mini project. From the next chapter you work with the different front-end architectures of WAS along with the Secure Socket Layer protocol, which offer transport layer security through data encryption. You learn user authentication and data encryption, which demonstrate how a clear text channel can be made safer by using SSL transport to encrypt its data. The book will show you how to enable an enterprise application hosted in a WebSphere Application Server environment to interact with other applications, resources, and services available in a corporate infrastructure. Platform hardening, tuning parameters for tightening security, and troubleshooting are some of the aspects of WebSphere Application Server v7.0 security that are explored in the book. Every chapter builds strong security foundations, by demonstrating concepts and practicing them through the use of dynamic, web-based mini-projects.

Related Content you might be interested in

Current Title:

Small book image
IBM WebSphere Application Server v7.0 Security
Omar P Siliceo (USD)
Feb, 2011 | 312 pages
No titles found
Table of Contents (17 chapters)
IBM WebSphere Application Server v7.0 Security
IBM WebSphere Application Server v7.0 Security
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
A Threefold View of WebSphere Application Server Security
A Threefold View of WebSphere Application Server Security
Enterprise Application-server infrastructure architecture view
WebSphere architecture view
WebSphere technology stack view
Summary
2
Securing the Administrative Interface
Securing the Administrative Interface
Information needed: Planning for security
Enabling security
Administrative roles
Disabling security
Summary
3
Configuring User Authentication and Access
Configuring User Authentication and Access
Security domains
Administrative security domain
User registry concepts
Supported user registry types
Protecting application servers
Summary
4
Front-End Communication Security
Front-End Communication Security
Front-end enterprise application infrastructure architectures
SSL configuration and management
Securing front-end components communication
Summary
5
Securing Web Applications
Securing Web Applications
Securing web applications concepts
Securing a web application
Summary
6
Securing Enterprise Java Beans Applications
Securing Enterprise Java Beans Applications
EJB application security concepts
EJB project design
EJB project prerequisites and assumptions
Creating an Enterprise Application Project
Creating the portal Dynamic Web Project
Creating content for the portal DWP
Creating an EJB project
The grand finale
Summary
7
Securing Back-end Communication
Securing Back-end Communication
LDAP: Uses of encryption
JDBC: WebSphere-managed authentication
Summary
8
Secure Enterprise Infrastructure Architectures
Secure Enterprise Infrastructure Architectures
The enterprise infrastructure
Securing the enterprise infrastructure using LTPA
Securely enhancing the user experience with SSO
Fine-tuning authorization at the HTTP server level
Fine-tuning authorization at the WAS level
Summary
9
WebSphere Default Installation Hardening
WebSphere Default Installation Hardening
Engineering the how and where of an installation
Ensuring good housekeeping of an installation
Summary
10
Platform Hardening
Platform Hardening
Identifying where to focus
Exploring the operating system
Creating the file system
Safeguarding the network system
Summary
11
Security Tuning and Troubleshooting
Security Tuning and Troubleshooting
Tuning WebSphere security
Troubleshooting WebSphere security-related issues
Concluding WebSphere security-related tips
Summary

About the Reviewers

Domenico Cantatore is a senior IT Specialist working for IBM Software Group in Dublin.

His areas of expertise include infrastructure architecture design, implementation, problem determination and performance, analysis, and tuning on WebSphere and Tivoli® products. These products include WebSphere Application Server, WebSphere Portal Server, WebSphere Process Server, WebSphere Commerce Server, WebSphere MQ, WebSphere Message Broker, and ITCAM. He has 10 years of experience in IT and various industry certifications.

Ty Lim has worked for various software startup companies, consulting firms, and was working in the Healthcare IT field for the last eight years. He now works in the telecommunications industry.

Ty Lim has been in the IT industry for more than 15 years. He started out using WebSphere Application Server back in 2003 and has been utilizing the technology ever since. He has a background in JAVA programming, Unix/Linux Systems administration and he keeps up to date with the latest open source technology. He holds a degree in Computer Science from the University of the Pacific, and is currently pursuing his Masters Degree in Information Systems at Boston University. He has interests in application server technology, open source technology, network security, and Java programming.

I would like to thank my parents (Lina and Roland) for giving me what I needed growing up so that I could achieve what I needed to accomplish thus far in my career. (A good home, a great education, and a drive to keep going.) I love you guys so much. 'Thank you' does not quite show the magnitude of what I owe you. To Mike and Penny, both of you have shown me a lot over the last several years. Thank you so much for being my friends. Both of you have achieved what I have always sought. I hope this rolling stone can someday put up roots somewhere. Give a big hug to my god daughter Sophia for me. Tell her, her god father loves her very much. To my sister Eileen and my brother-in-law Nguyen. Both of you have been an inspiration to me over the last several years. I wish both of you complete happiness. To my colleagues in New York and New Jersey (BrianK, GeorgeT, TomB, DonN, JonL, JohnW, MikeR, GregM, MarkD, JohnH, VinceH), guys you're the best in the business. I can't be more prouder to call both a colleague and a friend. Keep up the great work. To Jenny, thank you for being my friend all these years, I cherish our friendship very much. To my friends and colleagues in CA and overseas, I hope to see all of you soon (or someday). All of you have been my inspiration for working my way back home. To Geri, I just wanted you to know, that your happiness has always meant very much to me. I hope you find happiness wherever you go.

Jose Mariano Ruiz Martin is a Computing Science Engineer and senior specialist at Technologies of Information. He has worked at some of the most important Spanish companies including Telefónica Spain, Vodafone Spain, Caja Madrid, and Mapfre as systems engineer and technical leader.

After finishing his degree in Computing Science and completing a Master's in Computer Networking and Communications, he has specialized in systems engineering, obtaining several certifications such as Sun Certified Security Administrator, Sun Certified System Administrator for Solaris 9, BEA Certified WebLogic 9 Administrator, BEA Certified WebLogic 8.1 Administrator, and Cisco Certified Network Associate. Besides this he has been a professor at several courses on Information Systems Administration.

He is now working at IBM Spain on electronic commerce infrastructures and SOA/BPM technologies as IT specialist on the IBM's WebSphere platform.

I would like to dedicate this book to all those who do not resign themselves to be mere spectators in life, and work resolutely to achieve their own goals; with a special mention to my father, who is still the best example for both my brother and me, and has resisted all the difficulties he has had to face.

Previous Section
Next Chapter