Before you start
The objective of this tutorial is to show different scenarios for integrating WebSphere Application Server and Tivoli Access Manager.
The tutorial includes a quick installation guide for a simple system on which you can run the scenarios introduced here. You will find details for the scenarios and detailed configuration samples that you can run on your system.
The tutorial should take you about 30 minutes to complete, not including the installation time.
This tutorial is a valuable resource for those who want to get quick hands-on experience with WebSphere Application Server and Tivoli Access Manager integration.
This material is useful for architects who want detailed information about WebSphere and Tivoli integration in the enterprise. It can also help system administrators get a feel for the system administration tasks in a WebSphere/Tivoli domain.
To complete the steps in this tutorial, you'll need the following software installed on your computer:
- WebSphere Application Server V5 for NT (download a trial version)
- Tivoli Access Manager V4.1
- Tivoli Access Manager V4.1 Web Security (WebSEAL)
The diagram below depicts the enterprise architecture for WebSphere Application Server and Tivoli Access Manager.
The WebSEAL server usually sits in the demilitarized zone (DMZ). WebSEAL can be combined to run as a plug-in with the WebSphere Edge Server to provide load balancing for the servers behind the second firewall.
The Access Manager authorization server is positioned in the secure network zone, together with the directory server.
The WebSphere Application Server can use both the authorization server and the directory server for authorization and authentication purposes.
The IBM HTTP Server can move to the secure network zone; in this case, WebSEAL forwards and routes the requests to the static content on the Web server.
This architecture could be extended with the Tivoli Web Portal Manager, which is a graphical interface used to manage the Access Manager domain.
The scenarios in this tutorial can be run on one system if it meets the minimum requirements:
- Intel Pentium III or 4 processor or equivalent, 1 GHz minimum
- 1 GB memory minimum
- Windows 2000 Server (Professional also works, although it is not a supported platform)
- ServicePack 3 with the latest critical updates
This one system can run all the components introduced in the previous panel.
dwserver as the server name in this tutorial. Make sure that you replace this server name with your own hostname when appropriate.