Trace HTTP connections on Tivoli Access Manager for e-business

Learn how to obtain HTTP connections traces and how to interpret them

Sometimes when using IBM Tivoli® Access Manager for e-business, you need to be able to trace HTTP connections to solve HTTP-related problems. In this white paper, the author explains how to obtain and interpret these traces.

developerWorks security editors, Staff, IBM

Security icon imageThis article is brought to you by the editors of the developerWorks Security site.



07 October 2013

IBM expert Ori Pomerantz has been securing computer networks (and showing others how to do it too) since 1995. Pomerantz joined IBM in 2003 and since then, he has written classes on several IBM security products, including IBM Security zSecure™. He is also a co-author of the IBM Press publication Mainframe Basics for Security Professionals: Getting Started with RACF, 2007. In this whitepaper, Pomerantz explains how to use the WebSEAL server to obtain HTTP connections traces as well as how to interpret the traces.

See Download for the full white paper. The following sections outline what you will learn in the full whiatepaper.

Why you want to trace HTTP connections

WebSEAL is an HTTP proxy that receives an HTTP connection from a browser. If an action is authorized, WebSEAL opens a separate HTTP connection to the back-end server. WebSEAL does not just transfer the information from one connection to the other, it also modifies the URL to interpret junctions. It adds information to the HTTP header for the back-end connection and cookies for the front-end connection. Those changes can cause problems.

The easiest way to trace them is to look at the HTTP connections.


The steps you'll learn

Pomerantz covers the following instructions in this paper:

  • Creating HTTP header traces.
  • Exploring HTTP header traces. WebSEAL changes HTTP headers and you can discover problems by tracing those changes. In the trace, you can explore requests and responses to, from, and for such elements as browsers, authentication, back ends, and additional information.
  • An example on using HTTP header traces.

Pomerantz also covers exploring message body traces too: Creating them, interpreting them, and using them.


Download

DescriptionNameSize
Whitepapertracing_http.pdf163KB

Resources

Learn

Get products and technologies

  • Evaluate IBM products in the way that suits you best: Download a product trial, try a product online, or use a product in a cloud environment.

Discuss

  • Get involved in the developerWorks Community. Connect with other developerWorks users while exploring the developer-driven blogs, forums, groups, and wikis.

Comments

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

Dig deeper into Security on developerWorks


  • Bluemix Developers Community

    Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.

  • Security

    Pragmatic, intelligent, risk-based IT Security practices.

  • DevOps Services

    Software development in the cloud. Register today to create a project.

  • IBM evaluation software

    Evaluate IBM software and solutions, and transform challenges into opportunities.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Security
ArticleID=947160
ArticleTitle=Trace HTTP connections on Tivoli Access Manager for e-business
publish-date=10072013