The first time you sign into developerWorks, a profile is created for you. Select information in your developerWorks profile is displayed to the public, but you may edit the information at any time. Your first name, last name (unless you choose to hide them), and display name will accompany the content that you post.

All information submitted is secure.

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

All information submitted is secure.

My developerWorks:

My notifications:

Sign out

Select a language:

Secure your Web resources

Concrete scenarios offer Tivoli security tips

Peter Kovari (peter.kovari@us.ibm.com), WebSphere Specialist, IBM

Peter Kovari is a WebSphere specialist at the International Technical Support Organization, Raleigh Center in Research Triangle Park, NC. He writes extensively about all areas of WebSphere. His areas of expertise include WebSphere Application Server, WebSphere Application Server Enterprise, enterprise application design and development, security, enterprise messaging, and pervasive solutions.

Summary: This tutorial drives through three WebSphere Application Server/Tivoli Access Manager integration scenarios. You'll learn how to share the user registry, and to protect Web resources with WebSEAL via both LTAP and TAI. Setup and configuration details are provided for testing and configuring all the scenarios in the tutorial.

Tag this!

Date: 29 May 2003
Level: Introductory
PDF: A4 and Letter (678 KB | 27 pages)Get Adobe® Reader®

Activity: 6383 views
Comments:

Before you start

About this tutorial

The objective of this tutorial is to show different scenarios for integrating WebSphere Application Server and Tivoli Access Manager.

The tutorial includes a quick installation guide for a simple system on which you can run the scenarios introduced here. You will find details for the scenarios and detailed configuration samples that you can run on your system.

The tutorial should take you about 30 minutes to complete, not including the installation time.

This tutorial is a valuable resource for those who want to get quick hands-on experience with WebSphere Application Server and Tivoli Access Manager integration.

This material is useful for architects who want detailed information about WebSphere and Tivoli integration in the enterprise. It can also help system administrators get a feel for the system administration tasks in a WebSphere/Tivoli domain.

Prerequisites

To complete the steps in this tutorial, you'll need the following software installed on your computer:

WebSphere Application Server V5 for NT (download a trial version)
Tivoli Access Manager V4.1
Tivoli Access Manager V4.1 Web Security (WebSEAL)

Architecture

The diagram below depicts the enterprise architecture for WebSphere Application Server and Tivoli Access Manager.

The WebSEAL server usually sits in the demilitarized zone (DMZ). WebSEAL can be combined to run as a plug-in with the WebSphere Edge Server to provide load balancing for the servers behind the second firewall.

The Access Manager authorization server is positioned in the secure network zone, together with the directory server.

The WebSphere Application Server can use both the authorization server and the directory server for authorization and authentication purposes.

The IBM HTTP Server can move to the secure network zone; in this case, WebSEAL forwards and routes the requests to the static content on the Web server.

This architecture could be extended with the Tivoli Web Portal Manager, which is a graphical interface used to manage the Access Manager domain.

Scenario system requirements

The scenarios in this tutorial can be run on one system if it meets the minimum requirements:

Intel Pentium III or 4 processor or equivalent, 1 GHz minimum
1 GB memory minimum
Windows 2000 Server (Professional also works, although it is not a supported platform)
ServicePack 3 with the latest critical updates

This one system can run all the components introduced in the previous panel.

We'll use dwserver as the server name in this tutorial. Make sure that you replace this server name with your own hostname when appropriate.

Comments

Close [x]

Help: Update or add to My dW interests

What's this?

This little timesaver lets you update your My developerWorks profile with just one click! The general subject of this content (AIX and UNIX, Information Management, Lotus, Rational, Tivoli, WebSphere, Java, Linux, Open source, SOA and Web services, Web development, or XML) will be added to the interests section of your profile, if it's not there already. You only need to be logged in to My developerWorks.

And what's the point of adding your interests to your profile? That's how you find other users with the same interests as yours, and see what they're reading and contributing to the community. Your interests also help us recommend relevant developerWorks content to you.

View your My developerWorks profile

Return from help

Close [x]

Help: Remove from My dW interests

What's this?

Removing this interest does not alter your profile, but rather removes this piece of content from a list of all content for which you've indicated interest. In a future enhancement to My developerWorks, you'll be able to see a record of that content.

View your My developerWorks profile

Return from help

static.content.url=http://www.ibm.com/developerworks/js/artrating/

SITE_ID=1

Zone=Tivoli

ArticleID=136284

TutorialTitle=Secure your Web resources

publish-date=05292003

author1-email=peter.kovari@us.ibm.com

author1-email-cc=