The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.

All information submitted is secure.

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

All information submitted is secure.

My developerWorks:

My notifications:

Sign out

Select a language:

IBM WebSphere Portal V6.0 Security Overview

WebSphere Portal Experts, WebSphere Development Team, IBM

Experts in the WebSphere Portal development team help to architect, design, and develop the WebSphere Portal products. They have extensive backgrounds in portal and related technologies. See the article for the specific set of experts who contributed to this article.

Summary: An overview of the WebSphere Portal security architecture and deployment scenarios illustrate the flexibility and breadth of options you can use to implement your own portal security infrastructure.

Date: 01 Nov 2006
Level: Advanced

Activity: 9925 views
Comments:

Get the download

This article, by the WebSphere Portal Security development team, provides portal administrators with a conceptual overview of IBM® WebSphere® Portal's security architecture so that you can decide the best security configuration for your specific portal environment. You see multiple deployment scenarios for WebSphere Portal. You learn options for handling authentication, access control, single sign-on (SSO), portlet security, and Web Services for Remote Portlets (WSRP) security. Finally, you see how to secure connections between clients and the portal as well as connections between the portal and back-end systems.

Summary

Portals provide personalized access to information, applications, processes, and people. They are central access points that authenticate users and control access to various kinds of information and applications. The nature of the content of portals can range from public information that needs no strong protection (such as articles in a news portal) to classified information within enterprises or governments.

To accommodate such different levels of security requirements, IBM WebSphere Portal must integrate with different security infrastructure components for authentication, authorization, and single sign-on (SSO) so that customers can choose the combination that best matches their security needs. For example, authentication might be as simple as requesting users to provide a user ID and password. Alternatively, it could be as sophisticated as requiring users to authenticate using a smart card, which securely stores a private key and certificate. The card provides WebSphere Portal with cryptographic computations needed to participate in SSL/TLS client authentication to build up an authenticated and secure connection between the client and the portal.

Through its modular architecture, WebSphere Portal enables integration with different authentication proxies, authorization systems, and credential vault implementations. WebSphere Portal can work with WebSphere Security, Tivoli Access Manager, and various third-party security products. It lets customers build a secure system that fits well into their particular infrastructure.

This article provides portal administrators with an overview of the WebSphere Portal security architecture, and briefly describes some basics of internet security. You see various deployment scenarios for WebSphere Portal through which you learn how it handles authentication, authorization, SSO, secure connections between clients and the portal, and secure connections between the portal and back-end systems.

Download