Level: Intermediate
Paul Winters (pwinters@au1.ibm.com), Software Engineer, IBM Tivoli Software
Johnathan Matthew (jmatthew@au1.ibm.com), Software Engineer, IBM Tivoli Software
14 Dec 2006
This tutorial shows how to enable secure communication between all components within a Session Management Server (SMS) environment. This is essential in any SMS deployment, because without secure communication between all components of an SMS environment, anyone could inject false session data. The tutorial describes how to achieve security-rich communication using Tivoli® Access Manager (TAM) certificates and custom certificates. It is ordered so that you work from a simple configuration to a complex one.
In this tutorial
This tutorial explains how to set up a secure environment for the Tivoli Access Manager Session Management Server. It explains how to do this using either the certificates generated by the Access Manager infrastructure, referred to as TAM certificates, or manually generated certificates signed by a regular certificate authority, referred to as custom certificates. It also gives you the background knowledge that is required for you to fully understand how to set up a secure SMS environment.
Objectives
- The reasons why you need to secure an SMS environment
- The concepts behind securing an SMS environment
- How to set up a secure SMS environment using TAM certificates
- How to set up a secure SMS environment using custom certificates
Prerequisites
System requirements
Working knowledge of the following products:
- WebSphere Application Server 6.0
- A Web server that can use the WebSphere Application Server Plugin for Web servers
- A registry supported by Tivoli Access Manager for e-Business
- Global Security Toolkit (gskit) Ikeyman utility or equivalent
- Tivoli Access Manager for e-Business including:
- Policy Server
- Authorization Server
- A point of contact: either WebSEAL or Access Manager Plugin for Web servers
- Web Portal Manager
- Session Management Server in a non-secure environment
If you want to follow the examples, we recommend that you have an existing environment where an unsecured SMS is used for the session mechanism. If you want to use custom certificates, you will need to either establish your own in-house certificate authority (CA) or select an external CA. The certificates used here are only used within the Access Manager environment, so an in-house CA will work just as well as an external CA.