Recommended reading list: Java EE and WebSphere Application Server

Updated for new related products, technologies, and feature packs

Learn about using Java™ Enterprise Edition (Java EE) and IBM® WebSphere® Application Server with this list of essential reading, compiled for customers, consultants, and other technical specialists by IBM Software Services for WebSphere. Updated with resources for new related products, technologies, and feature packs..


Sree Anand Ratnasinghe (, Certified IT Specialist, IBM  

Sree Anand Ratnasinghe is an IBM and Open Group Certified IT Specialist with the Technology Practice team in IBM Software Services for WebSphere (ISSW). She has implemented proofs-of-concept and mentored customers interested in the WebSphere Application Server and the WebSphere family of products. She currently leads technical enablement programs for IBM Consultants as well as curriculum architecture for conferences on WebSphere products. Sree holds an MS in Information Networking from Carnegie Mellon University.

December 2010 (First published 25 February 2003)

Also available in Chinese


This list of recommended reading connects you to documents that contain essential information that practitioners should know and understand before diving into Java™ EE application design and implementation using IBM® WebSphere® Application Server.

This list is intended for anyone interested in using or learning more about WebSphere Application Server.

About versions: Unless otherwise noted, the items in this list contain information that is generally applicable to all currently-supported versions of WebSphere Application Server, even though the information might be discussed in the context of older releases. When an item pertains only to one or more specific versions of WebSphere Application Server (or other IBM software), the applicable versions are noted after the title.

About other products: Although this list provides some starting points for learning about Web application development using other IBM products and related technologies, the focus here is on the WebSphere Application Server product family. Check the IBM developerWorks Rational® zone for more comprehensive reference material on Web development and IBM Rational products, the SOA and Web services zone for Service Oriented Architecture articles and design tips, and the Project Zero development community for information about using IBM WebSphere sMash to build rich Internet applications.

The list

The items in this list are organized into these categories:

Rational Application Developer & WebSphere Application Server compatibility

Rational Application Developer V8.0 is now available, and is the latest development tool for WebSphere Application Server V7.0. It can also be used with WebSphere Application Server V6.1 and V6.0, as well as WebSphere Application Server V8.0 beta.

Rational Application Developer V7.5 can be used with WebSphere Application Server V7.0, V6.1, and V6.0.

Rational Application Developer V7.0 can only be used with WebSphere Application Server V6.1, V6.0, and V5.1.

  1. Fundamentals
  2. Architecture
  3. Administration
  4. Migration
  5. Data integration
  6. Web services
  7. Application development
    1. Rational Application Developer basics
    2. Java EE development
    3. Web 2.0
    4. Service Component Architecture
    5. OSGi
    6. Development with XML
    7. Other frameworks
  8. Security
  9. Problem determination
  10. Performance, scalability, and high availability
    1. High availability
    2. Performance tuning
  11. Virtualization
  12. WebSphere DataPower Appliances
  13. Maintenance

A. Fundamentals

  1. WebSphere Application Server: Product line

    Web site: WebSphere Application Server supports the broadest range of platforms in the industry so your applications can be built to run on the platform that makes most sense for your business. This site provides overview information on the WebSphere Application Server V7 product editions that are available.

  2. WebSphere Application Server V7.0: Technical Overview

    Redpaper: WebSphere Application Server is the implementation by IBM of the Java Platform, Enterprise Edition (Java EE) platform. It conforms to the Java EE 5 specification and is available in unique packages that are designed to meet a wide range of customer requirements. At the heart of each package is a WebSphere Application Server that provides the runtime environment for enterprise applications. This discussion centers on the runtime server component of WebSphere Application Server.

  3. WebSphere Application Server detailed system requirements

    Web site: Detailed hardware and software requirements for all supported releases of WebSphere Application Server. If you are unable to find a reference to a specific version of hardware ot software, remember that this document describes the minimum product levels that need to be installed before opening a problem report with the WebSphere Application Server Support team. Because other products frequently ship fixes, updates, and new releases, testing every configuration is not possible. In general, you can install and run with updates to supported products if those updates are forward compatible. For additional information about available support for configurations that are not included in the list, refer to support article WebSphere Application Server has grown and so have your requirements.

  4. WebSphere Application Server Feature Packs

    Web site: IBM makes additional product features and functions available -- along with some of the latest standards -- through feature packs. With feature packs, you can selectively leverage new standards and features while maintaining a more stable internal release cycle. This page lists all available WebSphere Application Server feature packs. Be aware that some feature packs are generally available, while others might be beta versions.

B. Architecture

  1. WebSphere Application Server V7: Concepts, Planning and Design

    Redbook: Discusses the concepts, planning, and design of WebSphere Application Server V7.0 environments, ranging from small to large, and complex implementations. Addresses the packaging and the features incorporated into WebSphere Application Server, covers the most common implementation topologies, and addresses planning for specific tasks and components that conform to the WebSphere Application Server environment. Includes planning for WebSphere Application Server V7.0 and WebSphere Application Server Network Deployment V7.0 on distributed platforms, and WebSphere Application Server for z/OS V7.0, and also covers considerations for migrating from previous releases.

  2. The Ideal WebSphere Development Environment

    Article: A description of the ideal environment for WebSphere Application Server and closely related WebSphere products, such as WebSphere Portal. The word "environment" is used in the largest sense possible -- it includes virtually every aspect of enterprise application ownership, from development to production. This article explains why each stage is necessary, and options for reducing costs, when appropriate.

  3. Developing defensively: Part 1: Defensive architecture

    Article: Investigate the principles of defensive architecture and learn approaches for addressing some common architectural problems that could lead to system degradation -- or even overall system failure.

  4. Problem Determination through Defensive Infrastructure Architecture: Part 1: Runtime deployments with queues and ESBs

    Article: The widely known "keep it simple strategy" (KISS) is a wise practice to follow when building out an infrastructure. Application deployments, packaging, and placement requires considerable thought and effort to execute well. However, sometimes what appears to be a simple implementation can hinder problem determination leaving a production runtime unstable or, worse, unavailable. What is simpler for one side of the IT development or operations staff makes troubleshooting and root cause analysis that much harder because it is difficult to separate out discrete events or the lack of valuable but missing data. This article looks at some real life examples where "more is actually less" when it comes to KISS.

  5. What you want to know about HTTP session persistence

    Article: Looking for the right session persistence strategy? Here are answers to questions you might have that will help you find the best solution for your requirements.

  6. Why do non-functional requirements matter?

    Article: Functionality is important, but if you don't consider non-functional requirements -- which address how your solution is going to operate in the real world -- then your clever solution could end up being useless in practice. This is a list of non-functional requirements that are critical to success.

C. Administration

  1. What's new in WebSphere Application Server V7: An overview of important new features

    Article: IBM WebSphere Application Server V7 has powerful new features and dramatic enhancements to help you achieve heightened productivity, stronger security, tighter integration, and simplified administration. Find out about some of the new key features that enable this new release to provide a flexible and reliable foundation for your service-oriented architecture.

  2. System administration for WebSphere Application Server V7

    Article series: This series of articles describes several important new administration features available in WebSphere Application Server V7:

  3. WebSphere Application Server V7 Administration and Configuration Guide

    Applies to V7

    Redbook: Provides information to help system administrators and developers configure a WebSphere Application Server V7 run time environment, package and deploy applications, and manage the WebSphere environment on an ongoing basis. This book provides a detailed exploration of the WebSphere Application Server V7 run time administration process, including configuration and administration information for WebSphere Application Server V7 and WebSphere Application Server Network Deployment V7 on distributed platforms, and WebSphere Application Server for z/OS V7.

    Alternative reading for V6.1:

  4. Integrating WebSphere Virtual Enterprise in complex WebSphere Application Server topologies

    Article: Implementing IBM WebSphere Virtual Enterprise in an existing IBM WebSphere Application Server Network Deployment infrastructure can be a complex undertaking without sufficient preparation. This article guides practitioners with discussions on best practices and limitations that need to be considered.

  5. Command assistance simplifies administrative scripting in WebSphere Application Server

    Article: Command assistance is a feature that provides wsadmin commands in the Jython scripting language for various actions performed within the WebSphere Application Server V7 administrative console. This article offers usage scenarios that could assist you in leveraging the full capabilities of this feature. Those who will benefit most from this information are administrators with beginner to intermediate experience with wsadmin and scripting. Those not familiar with command assistance will learn how to use it, store a history of commands, and make the commands generic through the use of variables.

    Additional reading:

  6. Everything you always wanted to know about WebSphere Application Server but were afraid to ask

    Column series: A series of articles answering frequently asked technical questions about WebSphere Application Server. Some highlights:

  7. Using virtual image templates to deploy WebSphere Application Server

    Article: One significant advantage of server virtualization is the ability to rapidly provision new environments by using libraries of virtual image templates. This article offers an approach and sample scripts for using WebSphere Application Server Network Deployment inside virtual machine templates. The approach leverages new capabilities provided in WebSphere Application Server V6, making the process of creating a template installation that is easily copied and customized for a new host much easier. This article has been updated to include techniques and sample scripts for including WebSphere profiles, applications, and clusters inside WebSphere template images. These new techniques shorten activation time and simplify the use of template images in ISV scenarios, and with WebSphere products such as WebSphere Portal, WebSphere Process Server, and so on.

  8. Tactics and tradeoffs in a large shared topology: Facts and advice for infrastructure architects and administrators

    Article: The challenges of managing a large scale topology are best addressed through planning, proactive actions, and strategic decisions, as opposed to attempting to deploy and manage in a reactive manner. This article will help you identify some of the tactics, trade offs, and critical issues that stand between your infrastructure and large scale success.

  9. The WebSphere Contrarian: Changing host names and migrating profiles in WebSphere Application Server

    Article: If you're moving your WebSphere Application Server configuration or migrating your environment, you might have to change host names or move profiles from one machine to another. This article explains how to do this, whether you're using WebSphere Application Server Version 5.x, 6.x, or 7.

  10. The WebSphere Contrarian: Resolving WebSphere Application Server configuration conflicts

    Article: Any time there’s more than a single administrator for an IBM WebSphere Application Sever cell, there’s the possibility of conflicting administrative actions. This installment of The WebSphere Contrarian discusses how to detect and resolve conflicting configuration changes.

D. Migration

  1. How the Application Migration tool makes it easy to move to WebSphere Application Server

    Article: The IBM WebSphere Application Server Migration Toolkit contains an Application Migration tool that you can use to easily move applications from a source application server to IBM WebSphere Application Server V7.0. This article introduces the capabilities of this new tool and provides resources to help you start using it.

  2. WebSphere Application Server V7 Migration Guide

    Redbook: This paper helps you to understand the significant changes with respect to migrating to WebSphere Application Server on V7.0 and provides several business scenarios that can be implemented through simple customizations. Each scenario addresses a unique requirement that can be mapped with similar business scenarios.

  3. WebSphere migrations: Migrating WebLogic server and application configurations to WebSphere Application Server

    Article: Learn to migrate WebLogic application and server configurations to IBM WebSphere Application Server with this article, which identifies those WebLogic proprietary extensions that must be properly mapped for your applications to run on WebSphere Application Server. Solutions to common problems are included so you can navigate your migration with minimum difficulty.

E. Data integration

  1. WebSphere and Messaging: A brief introduction to the Service Integration Bus

    Blog: A brief primer on the basic concepts and elements that make up this WebSphere Application Server messaging mechanism.

  2. WebSphere Application Server V7 Messaging Administration Guide

    Redbook: WebSphere Application Server V7 supports asynchronous messaging based on the Java Message Service (JMS) and the Java EE Connector Architecture (JCA) specifications. Asynchronous messaging support provides applications with the ability to create, send, receive, and read asynchronous requests, as messages. WebSphere Application Server provides a default messaging provider, as well as support for WebSphere MQ and generic messaging providers.This IBM Redbook publication provides information on the messaging features of WebSphere Application Server V7. It contains information on configuring, securing, and managing messaging resources, with a focus on the WebSphere default messaging provider.

  3. Using the WebSphere MQ messaging provider in WebSphere Application Server V7

    Article series: IBM WebSphere Application Server V7 contains key improvements to the way it interoperates with IBM WebSphere MQ as a Java Message Service (JMS) provider. This article provides an overview of the new WebSphere MQ messaging provider with particular focus on its new capabilities and the enhancements in WebSphere Application Server V7.

  4. Building a high availability database environment using WebSphere middleware

    Article series: This series presents strategies for high availability, workload management, and disaster recovery in WebSphere Application Server Network Deployment and WebSphere Process Server environments with IBM DB2® and Oracle RAC.

F. Web services

  1. IBM WebSphere Application Server V7.0 Web Services Guide

    Applies to Version 7.0

    Redbook: Describes how to implement Web services in WebSphere Application Server V7. It starts by describing the concepts of the major building blocks on which Web services rely and leading practices for Web services applications. It then illustrates how to use Rational Application Developer and the WebSphere tools to build and deploy a Web services application.In addition to the fundamentals of Web services development, this book provides information on advanced topics, including WS-Policy, WS-MetadataExchange, Web services transactions, WS-Notification, Secure conversation, and WS-SecurityKerberos.

  2. Feature Pack for Web Services for WebSphere Application Server V6.1

    Applies to Version 6.1

    Utility: WebSphere Application Server V7 and WebSphere Application Server V6.1 with the Feature Pack for Web Services support two Web services programming models: JAX-RPC 1.1 and JAX-WS 2.0 (which is the successor to JAX-RPC 1.1. If you are using V6.1 without the feature pack, then you will only have support for JAX-RPC services. You must install the feature pack to get the added JAX-WS 2.0 support. If you are using V7, support for both JAX-WS and JAX-RPC is already built in and so no feature pack is required. Since JAX-WS is the strategic API, you should use that programming model in general for new Web services development.

    Additional reading:

  3. Which style of WSDL should I use?

    Article: A Web Services Description Language (WSDL) binding style can be RPC or document. The use can be encoded or literal. How do you determine which combination of style and use to use? The author describes the WSDL and SOAP messages for each combination to help you decide.

  4. Web services hints and tips: JAX-RPC vs JAX-WS

    Applies to Version 6.1 and 7.0

    Article series: JAX-WS 2.0 is the successor to JAX-RPC 1.1. This series compares these two Java Web services programming models.

  5. Create RESTful Web services with Java technology

    Article: JAX-RS (JSR-311) is a Java API that enables quick and easy development of Java RESTful services. The API provides an annotation-based model for describing distributed resources. Annotations are used to provide resource location, resource representation, and a pluggable data binding architecture. In this article, learn how you can use JAX-RS to realize the potential of a RESTful services architecture in a Java EE environment.

  6. Web services SOAP message validation

    Article: Learn the history and the underlying technologies of Web services.Build a Web service using bottom-up development method. Transmit, receive, decrypt, validate SOAP messages and verify digital signatures of SOAP messages with the Web services validation tool for WSDL and SOAP. Explore a real world Web service such as the U.S. National Weather Service with the Web services validation tool for WSDL and SOAP.

  7. WS-Notification in WebSphere Application Server V7

    Applies to Version 7.0

    Article series: Learn how to develop JAX-WS applications for use with the updated WS-Notification functionality included with WebSphere Application Server V7.0. Some familiarity with Java-based Web services, the WS-Notification 1.3 family of specifications, and some experience using the WebSphere Application Server administration console is expected.

  8. Message-level security with JAX-WS on WebSphere Application Server V7

    Applies to Version 7.0

    Tutorial: Demonstrates how to build a JAX-WS client and server Web service that runs on WebSphere Application Server V7. Additionally, it teaches you how to configure message-level security for the SOAP message by configuring policy sets through Rational Application Developer V7.5.2.

  9. Develop a SOAP/JMS JAX-WS Web services application with WebSphere Application Server V7 and Rational Application Developer V7.5

    Applies to Version 7.0

    Tutorial: WebSphere Application Server V7 provides support for SOAP over Java Message Service (JMS) with JAX-WS Web service applications. SOAP over JMS can be used as an alternative to SOAP over HTTP for transmitting SOAP request and response messages. This tutorial shows you how to use Rational Application Developer V7.5 to develop and deploy a JAX-WS Web service application that uses SOAP over JMS.

  10. JAX-WS client APIs in the Web Services Feature Pack for WebSphere Application Server V6.1

    Applies to Version 6.1

    Article series: An introduction to JAX-WS 2.0, the new programming model supported in the WebSphere Application Server V6.1 Feature Pack for Web Services.

  11. Top 8 tips to optimize your web services client in WebSphere

    Applies to Versions 6.1 and 7.0

    Web site: If you use WebSphere Application Server to develop your Web services client application, this list will help you optimize the client.

G. Application development

a. Rational Application Developer basics

  1. What's new in IBM Rational Application Developer Version 7.5

    Applies to Rational Application Developer Version 7.5

    Article: An overview of the new features of IBM Rational Application Developer V7.5. As it is the successor to Version 7.0, a basic familiarity with Rational Application Developer in general is useful.

  2. Rational Application Developer V7.5 Programming Guide

    Applies to Rational Application Developer Version 7.5

    Redbook: Programming guide that highlights the features and tooling included with Rational Application Developer V7.5. Many of the chapters provide working examples that demonstrate how to use the tooling to develop applications, as well as achieve the benefits of visual and rapid application development.

    Alternative reading for Rational Application Developer V7:

b. Java EE development

  1. An update on Java Persistence API 2.0

    Article: As the JPA Expert Group (JSR-317) nears completion of the JPA 2.0 specification, this article introduces you to some of the new concepts and features in this updated specification. It also explains how you can experience this new functionality with the Apache OpenJPA project, an open-source, robust, high performance, scalable implementation of the JPA specification.

  2. The top Java EE best Practices

    Article: A top 10 (+9) list of the most important best practices for Java EE application development. Updated to take into account changing technology trends and, more importantly, recommends certain practices that the authors assumed would be commonly followed, but, as they have learned, are not.

  3. Rational Application Developer V7.5: Using the Java Persistence API

    Demo: Shows how to use the new Java EE 5 Java Persistence API (JPA) framework to create simple JPA entity and manager beans. This is part of a series of demonstrations that show the new features of Rational Application Developer Version 7.5.

  4. Resource injection using Rational Application Developer v7.5

    Article: Java EE has simplified the development of complete enterprise applications. Using resource injection through annotation, much standard code is eliminated, which contributes to maintainable code. Your organization might have numerous existing, complex stored procedures. You can continue to develop your applications that use stored procedures and take advantage of the Java platform.

  5. Building Java EE applications with IBM Rational Application Developer V7.5 and WebSphere Application Server V7.0: A step-by-step guide to creating Java EE V5.0 applications

    Article: Rational Application Developer for WebSphere Software Version 7.5 contains tools to create Java EE applications utilizing JPA and EJB 3.0 technology. Rational Application Developer V7.5 introduces new wizards, editors, and perspectives to create powerful applications easily. This article, targeted for intermediate users, walks you through various new features and shows you how to create an end-to-end Java EE application.

  6. Building EJB 3.0 applications with WebSphere Application Server: Using the WebSphere Application Server V6.1 Feature Pack for Enterprise JavaBeans 3.0

    Applies to Version 6.1 only

    Article: EJB 3.0 is a major step forward in simplifying application development in the enterprise. By using the IBM WebSphere Application Server V6.1 Feature Pack for Enterprise JavaBeans 3.0, you can benefit from the simplified development experience, new persistence model, and new features such as interceptors, while still deploying to a robust WebSphere platform.

  7. What's new in JavaServer Faces tooling in IBM Rational Application Developer Version 7.5

    Article: This article highlights the most important new features for JavaServer™ Faces support in Rational Application Developer V7.5.

  8. Understanding how EJB calls operate in WebSphere Application Server V6.1

    Article: Many applications use Enterprise JavaBeans (EJB) deployed in an WebSphere Application Server EJB container. Communication to these EJB components requires the use of concepts like Internet Inter-ORB Protocol (IIOP) communication, JNDI look-ups, and workload management. This interaction can be complex and is often a black box for many WebSphere users. This article provides a basic understanding of how EJB communication works in the context of WebSphere Application Server. Communication into and out of the ORB is addressed, along with the definitions of basic call patterns and components involved in making calls to EJB components deployed in the EJB container. A basic understanding of J2EE™ principles and general administrative knowledge of WebSphere Application Server is assumed.

c. Web 2.0

  1. RESTful Web services: The basics

    Article: Representational State Transfer (REST) has gained widespread acceptance across the Web as a simpler alternative to SOAP- and Web Services Description Language (WSDL)-based Web services. Key evidence of this shift in interface design is the adoption of REST by mainstream Web 2.0 service providers—including Yahoo, Google, and Facebook—who have deprecated or passed on SOAP and WSDL-based interfaces in favor of an easier-to-use, resource-oriented model to expose their services. This article introduces you to the basic principles of REST.

  2. Moving toward Web 2.0 maturity

    Article: Web 2.0 applications are quickly becoming the mainstream. Rich Internet Applications and social networks are everywhere. Browser maturity, network speed, and HTTP infrastructure have contributed to this. Ajax is the main service invocation model for the client. Middleware is becoming more stateless. All this, and yet many people still hold on to a legacy mindset when building these modern applications, which can lead to some difficult technical scenarios.

  3. Building Dynamic Ajax Applications Using WebSphere Feature Pack for Web 2.0

    Applies to Versions 6.1 and 7.0

    Redbook: Demonstrates techniques and technologies available through the WebSphere Application Server Feature Pack for Web 2.0 for building dynamic, next-generation Web applications. It covers connecting to SOA services from Ajax using lightweight protocols REST and JSON, extending enterprise messaging to the Web using Ajax messaging, speeding up Ajax application time to market using the Ajax Development Toolkit featuring Dojo, and more.

  4. Web 2.0 Application Development using JPA, AJAX, and Dojo tools in Rational Application Developer Version 7.5: Rational Application Developer provides new features to make Web 2.0 application construction easy

    Article: Explains how to create a simple end-to-end Web application using the JPA, AJAX, and Dojo tools available in Rational Application Developer for WebSphere Software V7.5. Developers building applications to run on WebSphere Application Servers with the EJB 3 and Web 2.0 Feature Packs can take advantage of new functionality using Rational Application Developer's new Web tools.

d. Service Component Architecture

  1. Exploring the WebSphere Application Server Feature Pack for SCA

    Applies to Version 7.0

    Article series: An introduction to open Service Component Architecture (SCA) concepts, objectives of the technology, and some of the key integration points that provide great value to WebSphere Application Server V7.0 users.

e. OSGi

  1. Innovations within reach: Are we ready for enterprise OSGi?

    Article: Over the past year, there have been many heated debates over the readiness or otherwise of OSGi for enterprise applications. OSGi is a proven and tested technology, so in that sense it's been "ready" for a long time. What has been missing are specifications and implementations of tools and frameworks that are required for Java EE programmers to properly utilise OSGi enterprise features. The recent release of the OSGi Service Platform Enterprise Specification (4.2) and the announcement of the IBM WebSphere Application Server V7 Feature Pack for OSGi Applications and Java Persistence API (JPA) 2.0 changes this. Here is an overview of this new feature pack and the reasoning behind its development.

  2. Best practices for developing and working with OSGi applications

    Article: For over a decade, OSGi technology has solved application development modularity challenges around complexity, extensibility, and maintenance. With the introduction of the IBM WebSphere Application Server Feature Pack for OSGi Applications and JPA 2.0, enterprise Java applications consisting of OSGi bundles can now be developed and deployed to WebSphere Application Server V7. This article describes best practices for developing well constructed OSGi applications to help you benefit most effectively from this new capability.

f. Development with XML

  1. Programming XML across the multiple tiers: Use XML in the middle tier for performance, fidelity, and development ease

    Article: Programming XML across the multiple tiers: Use XML in the middle tier for performance, fidelity, and development ease.

h. Other frameworks

  1. Using Spring and Hibernate with WebSphere Application Server

    Article: If you're considering using Spring or Hibernate with WebSphere Application Server, this article explains how to configure these frameworks for various scenarios with WebSphere Application Server. This article is neither an endorsement nor an exhaustive review of either framework, but a critical reference to help you successfully implement such scenarios. Recently updated with new security information.

H. Security

  1. Q & A: Frequently asked questions about WebSphere Application Server security

    Article: Because the integrity of your processing environment is at stake, questions about security must be answered as quickly as possible. To that end, this article provides quick, direct answers to some of the most frequently asked questions about IBM WebSphere Application Server security.

  2. Implementing Kerberos in a WebSphere Application Server Environment

    Redbook: This book provides a set of common examples and scenarios that demonstrate how to use the Kerberos with WebSphere Application Server. The scenarios include configuration information for WebSphere Application Server V7 when using a KDC from Microsoft®, AIX®, and z/OS® as well as considerations when using these products.

  3. WebSphere Application Server V7 advanced security hardening

    Article series: Security consists of more than just some firewalls at the edge of your network protecting you from the outside. It is a difficult and complex set of actions and procedures that strive to strengthen your systems as much as is appropriate. This article covers many aspects of security in general, details the IBM WebSphere Application Server security architecture, and discusses hardening a WebSphere Application Server environment.

  4. SAML assertions across WebSphere Application Server security domains

    Article: Security Assertion Markup Language (SAML) is fast becoming the technology of choice to create Single Sign-On (SSO) solutions across enterprise boundaries. This article describes how to use the SAML support in IBM WebSphere Application Server V7.0 Fix Pack 7 to assert SAML tokens across enterprise boundaries in different security domains, and also to make access control decisions directly using the foreign security domain user identity and custom SAML group attribute, all based on the trust relationship.

  5. WebSphere Application Server V7.0 Security Guide

    Applies to Version 7.0

    Redbook: Information needed to implement secure solutions with WebSphere Application Server V7.0. This book focuses on security for the application server and its components, including enterprise applications. This book is intended for anyone that plans to secure applications and the application serving environment.

    Alternative reading for Version 6.1:

  6. Administering SPNEGO within WebSphere Application Server: Tips on using Kerberos service principal names

    Article: The Simple and Protected GSS-API Negotiation (SPNEGO) trust association interceptor (TAI) in IBM WebSphere Application Server V6.1 and in the SPNEGO Web Authentication feature in WebSphere Application Server V7.0 can be a powerful tool to achieve a seamless single sign-on environment between Microsoft Windows desktops and WebSphere-based servers. However, some users have trouble configuring service principal names when using SPNEGO. This article describes some best practices for configuring Microsoft Active Directory when using SPNEGO with WebSphere Application Server.

  7. SSL, certificate, and key management enhancements for even stronger security in WebSphere Application Server V6.1

    Article: Exciting changes have been made to the SSL, certificate, and key management infrastructure in IBM WebSphere Application Server V6.1. This article touches on how these changes will improve security, provide management flexibility and simplification, and maintain a consistent SSL runtime that is tightly integrated with the new configuration.

  8. Database identity propagation in WebSphere Application Server V6

    Article: Learn how to get major security benefits by developing code that lets your J2EE applications transparently send identity information to your database. Get the benefits of J2EE, including CMP beans, and still leverage the power of your database security.

  9. Authorization concepts and solutions for J2EE applications

    Article: Authorization architecture can be an ugly and problematic beast. Learn how to gear your application's development to effectively use the authorization features in IBM WebSphere Application Server.

  10. Advanced authentication in WebSphere Application Server

    Article: The advanced authentication features in IBM WebSphere Application Server V6 support a more flexible authentication model with a new, highly customizable authentication framework that is based upon -- and extends -- Java™ Authentication and Authorization Service (JAAS).

  11. Expand your user registry options with a federated repository in WebSphere Application Server V6.1

    Article: IBM WebSphere Application Server V6.1 offers a new federated user repository feature that makes it easy for you to access and maintain user data in multiple repositories, particularly since this capability is achieved by configuration (instead of coding) with the Virtual Member Manager utility.

I. Problem determination

  1. The Support Authority: What’s new in IBM Support Assistant V4.1

    Article: IBM Support Assistant is a free serviceability workbench provided by IBM to facilitate self-help diagnostics for software problems. This article provides an overview of the newest features included in the IBM Support Assistant Workbench and Agent V4.1 software offerings.

  2. The Support Authority: Know what your Web application is really doing

    Article: The IBM Monitoring and Diagnostic Tools for Java - Health Center is a lightweight tool that monitors IBM virtual machines for Java with minimal performance overhead. It provides live information and recommendations about classes being loaded, the virtual machine environment, garbage collection, locking, and profiling. This article introduces you to the Health Center and shows an example of how it can be used to check the impact of a source code change in a Web application.

  3. The Support Authority: Analyze memory management problems with the Memory Dump Diagnostic for Java (MDD4J)

    Article: The Memory Dump Diagnostic for Java (MDD4J) tool helps you diagnose memory leaks and other excessive memory consumption problems in applications running in IBM Java Virtual Machines (JVMs). This article introduces you to MDD4J and shows you how to use its sophisticated analysis engine and user interface to peer into the Java heap so you can see which objects are consuming the most amount of memory.

  4. The Support Authority: A systematic approach to problem solving

    Article: Problem determination is not an exact science, but it's also not rocket science. A methodical approach will help your problem solving techniques become more organized, systematic, and, ultimately, more effective.

  5. The Support Authority: 12 ways you can prepare for effective production troubleshooting

    Article: Rather than focus on what to do after a problem happens, here are 12 things you can do to your environment now to make troubleshooting quicker and more effective when problems do occur.

  6. The Support Authority: Choosing the right WebSphere diagnostic tool

    Article: This article provides a quick reference guide to help you decide which of the most common WebSphere diagnostic tools to use at any given time, and some background information that provides a glimpse into how problem determination tools are developed.

  7. Deploying and troubleshooting co-located applications within WebSphere Application Server

    Article: Deploying multiple collocated applications within a single instance of WebSphere Application Server provides valuable benefits in some environments, but it can also create some unique difficulties in the areas of problem isolation and problem determination. This article examines techniques and best practices for maintaining the advantages of application co-location, while reducing the impact of potential pitfalls.

  8. The Support Authority: A developer's guide to WebSphere Application Server logging

    Article: Log messages and trace information can be critical, time-saving elements in the initial stages of problem diagnosis, and can often alleviate the need to recreate a problem in order to troubleshoot it. This article looks at the log and trace facilities in WebSphere Application Server, explains the difference between them, and describes how you can leverage them in your own applications.

J. Performance, scalability, and high availability

  1. HAM, digested

    Article: Here is a handy pocket reference providing information, tuning tips, links to material, and more, on the High Availability Manager component of IBM® WebSphere® Application Server. This is must-have information for any WebSphere Application Server administrators who deal with large cell topologies.

  2. The WebSphere Contrarian: Run time management high availability options, redux

    Article: IBM WebSphere Application Server Network Deployment provides for failover and recovery of application workload, but how do you provide for failover of the management workload in a Network Deployment cell? The WebSphere Contrarian explains the steps you need to take to achieve this.

  3. The WebSphere Contrarian: High availability (again) versus continuous availability

    Article: While often used synonymously, high availability and continuous availability do in fact differ, although an infrastructure to provide either of these service levels typically relies on multiple redundant IBM WebSphere Application Server Network Deployment cells.

  4. The WebSphere Contrarian: A better Web application configuration for high availability

    Article: Adding hardware doesn't always improve failover and availablity for Web application requests. The WebSphere Contrarian discusses why this is the case, as well as some possible alternatives.

  5. Consider multiple cells for redundancy and availability

    Article: A multiple cell strategy within your IBM WebSphere Application Server environment enables you to address planned (and unplanned) maintenance while still providing 24x7 availability.

  6. Comment lines: Everything you always wanted to know about WebSphere Application Server but were afraid to ask, Part 3

    Article: Answers to more very frequently asked questions about IBM® WebSphere® Application Server, including how to run it over multiple data centers, which JDK to use, and why (and when) you should migrate to Version V6.1.

  7. The WebSphere Contrarian: Less might be more when tuning WebSphere Application Server

    Article: Aggressive tuning doesn't always equate with improved application performance. This installment of The WebSphere Contrarian discusses why this is the case and provides some high level performance tuning guidance.

  8. Case study: Tuning WebSphere Application Server V7 for performance

    Article: IBM WebSphere Application Server supports an ever-growing range of applications, each with their own unique set of features, requirements, and services. Just as no two applications will use an application server in exactly the same way, no single set of tuning parameters will likely provide the best performance for any two different applications. Most applications will generally realize some performance improvement from tuning in three core areas: the JVM, thread pools, and connection pools.

  9. Performance Testing Protocol for WebSphere Application Server-based Applications

    Article: This article provides a protocol for conducting performance testing to determine the optimal environmental settings for an application in a variety of load scenarios. Topics include planning the performance environment, performing the actual testing, and measuring the application's performance characteristics.

  10. The WebSphere Contrarian: Back to Basics: Session Failover

    Article: Are you using HttpSession the way you're supposed to? The Java Servlet API provides the HttpSession interface for session tracking and state management across multiple request invocations so servlets can associate a given user to a series of requests. But if you're experiencing poor database or network performance, or frequent garbage collections for your application servers, then you might be using HttpSession more like an application cache

  11. WebSphere Application Server V6 Scalability and Performance Handbook

    Redbook: A discussion of the various options for scaling applications based on IBM WebSphere Application Server Network Deployment V6. This book explores how a basic WebSphere configuration can be extended to provide more computing power by better leveraging the power of each machine and by using multiple machines.

K. Virtualization

  1. The WebSphere Contrarian: Effectively leveraging virtualization with WebSphere Application Server

    Article: If you're planning on (or have already adopted) a virtualization strategy, a few simple practices can go a long way in avoiding conflicts between virtualization and IBM WebSphere Application Server.

  2. The "special sauce" inside the WebSphere CloudBurst Appliance

    Article: The secret ingredient inside the new IBM WebSphere CloudBurst™ Appliance and IBM WebSphere Application Server Hypervisor Edition isn't a secret, but it is revolutionary. This article reveals the "special sauce" inside these two products that differentiates them from general purpose provisioning and virtualization management products.

  3. Customizing with WebSphere CloudBurst, Part 5: Maintaining virtualized WebSphere Application Server environments

    Article: The IBM WebSphere CloudBurst Appliance provides the capability to create highly customized IBM WebSphere Application Server environments and then deploy them into their own cloud. However, the job of the appliance does not end once the environments have been deployed. WebSphere CloudBurst delivers users function that helps you update and maintain these environments. This article discusses how to use WebSphere CloudBurst to apply WebSphere Application Server Hypervisor Edition iFixes, fixpacks, and your own fixes to both images and actual WebSphere Application Server virtual system environments.

  4. IBM Extreme Transaction Processing (XTP) patterns: Fast and scalable asynchronous processing with WebSphere eXtreme Scale

    Article: Modern enterprise systems are being confronted with the need for more complex processing, coupled with higher loads and greater demand for resources. This reality is driving a need for separation of functional units and motivating the use of asynchronous methods to accomplish work and aggregate results. This article describes an example that brings the power and scalability of IBM WebSphere eXtreme Scale to work on the problem, providing nearly limitless flexibility and expandability to the asynchronous paradigm.

  5. Getting Started with WebSphere eXtreme Scale, Part 1: Understanding WebSphere eXtreme Scale and how it works

    Article: This introductory article offers a foundation to help you gain a technical understanding of what IBM WebSphere eXtreme Scale is, the features it provides, and the vast benefits it offers.

  6. Getting Started with WebSphere eXtreme Scale, Part 1: Understanding WebSphere eXtreme Scale and how it works

    Article: IBM WebSphere eXtreme Scale is a general-purpose, high-speed caching solution that can be configured and used in a variety of different designs. However, you can’t just blindly use the APIs provided with WebSphere eXtreme Scale and assume it will reduce the pressure on your overworked database and make your application run faster. Caching as a strategy for improving application performance must be applied judiciously and with care. This article examines a number of best practices that will help you build high performance and highly resilient WebSphere eXtreme Scale applications.

  7. Know Your Large Cache Options with WebSphere Application Server

    Article: Caching large amounts of application data doesn't always mandate the use of a 64-bit JDK in order to leverage 64-bit addressing. The ObjectGrid component of IBM WebSphere eXtreme Scale provides a 32-bit JDK alternative that you can use in your existing infrastructure without requiring additional physical memory on your servers.

  8. IBM Extreme Transaction Processing (XTP) Patterns: Scalable and robust HTTP session management with WebSphere eXtreme Scale

    Article: This article shows you how to use WebSphere Extreme Scale as a separate in-memory data grid to store HTTP sessions. After describing existing software, the article shows how Extreme Scale addresses scalability challenges in a cost effective manner and simplifies the implementation of an Extreme Scale grid.

  9. WebSphere Virtual Enterprise and Service Level Differentiation

    Article: WebSphere Virtual Enterprise can provide Service Level Differentiation for incoming requests. However, getting appropriate results requires careful configuration. This article describes the behavior of WebSphere Virtual Enterprise with regards to Service Level Differentiation and discusses how to create appropriate configurations.

L. WebSphere DataPower Appliances

  1. The (XML) threat is out there...

    Article: New technologies mean new types of attacks on systems and data. Knowing what kinds of attacks are possible is one step toward protect your environment from them. Another may be the implementation of a new type of hardware appliance like those available from DataPower.

  2. Lookin' out my back door

    Article: If your front door is the only one that's locked, would you consider your home secure? Similarly, arming your application with only basic security measures is not enough to protect it from all possible intrusions. Here are some common "back door" security mistakes and precautions you can take to avoid them, inspired by a classic rock song.

  3. Offload WebSphere Web services security tasks to IBM WebSphere DataPower SOA Appliances

    Article series: This article series guides you through the process of integrating WebSphere DataPower SOA Appliances with WebSphere Application Server to improve your secure Web service installation.

  4. Dawn of a new (DataPower) day

    Article: The latest firmware update for IBM WebSphere DataPower SOA Appliances, IBM’s most unusual and exciting product line, is chock full of important new features. DataPower appliances are poised to move into the next generation with Web 2.0 and many other enhanced capabilities.

  5. Managing WebSphere DataPower SOA Appliances via the WebSphere Application Server V7 Administrative Console

    Article: WebSphere Application Server V7 includes administrative function to manage multiple DataPower appliances using the Administrative Console (also known as the Integrated Solutions Console). This administrative function is based on the WebSphere DataPower Appliance Manager, and provides a comprehensive set of capabilities to manage multiple appliances that share the same configuration, or firmware replicas of an appliance designated as the master (primary) appliance.

  6. WS-Policy security integration between DataPower and WebSphere Application Server

    Article: This article shows you how to configure WebSphere DataPower SOA Appliance and WebSphere Application Server to implement WS-Policy for SOA service governance. User credentials are transformed in an LPTA common token format for authorization and single-sign-on between DataPower and an application hosted on WebSphere Application Server. Offloading policy management to DataPower lets WebSphere Application Server provide better application-level functionality, while DataPower provides enterprise-wide, high-performance service governance.

M. Maintenance

  1. Recommended fixes for WebSphere Application Server

    Web site: A comprehensive list of recommended, generally available (GA) fixes for WebSphere Application Server releases. Pay close attention to the vulnerability fixes that can be found by following the security bulletin link from the recommended fixes by release.

  2. The Support Authority: Introducing the new IBM Support Portal

    Article: The IBM Support Portal is the latest addition to the portfolio of self-help tools for IBM software. With its new look and feel, you get an unprecedented and consistent support interface for all IBM products -- which you can customize to suit your specific support needs.

  3. WebSphere product lifecycle dates

    Web site: Detailed information about the available IBM Software Support Lifecycle Policies to help you realize the full value of your IBM software products.


Special thanks to Tom Alcott, Keys Botzum, Russell Butek, Bill Hines, Roland Barcia, and Alexandre Polozoff for their contributions.



developerWorks: Sign in

Required fields are indicated with an asterisk (*).

Need an IBM ID?
Forgot your IBM ID?

Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.


All information submitted is secure.

Dig deeper into WebSphere on developerWorks

ArticleTitle=Recommended reading list: Java EE and WebSphere Application Server