Security: Resources for learning
Use the following links to find relevant supplemental information about Securing applications and their environment. The information resides on IBM® and non-IBM Internet sites, whose sponsors control the technical accuracy of the information.
These links are provided for convenience. Often, the information is not specific to the IBM WebSphere® Application Server, but is useful in all or part for understanding the product. When possible, links are provided to technical papers and IBM Redbooks® that supplement the broad coverage of the release documentation with in-depth examinations of particular product areas.
Planning, business scenarios and IT architecture
- WebSphere Application Server Security Fundamentals
- Accessing the samples
The technology sample in the WebSphere Application Server Samples Gallery contains several security-related samples including the form login sample and the Java™ Authentication and Authorization Service (JAAS) login sample.
- WebSphere Application Server security hardening
Programming model and decisions
![[AIX Solaris HP-UX Linux Windows]](../images/ngdist.svg)
IBM Software Development Kit resource
packages and documentationThis website contains documentation, example code, and ancillary files relating to the IBM Software Development Kits (SDK). You can obtain information about the IBM implementation of Java Secure Sockets Extension (JSSE), Java Cryptography Extension (JCE), Java Generic Security Services (JGSS), iKeyman, and so on.
![[z/OS]](../images/ngzos.svg)
Java 2 security for z/OS®- Federated Identity Management and Web Services Security with IBM Tivoli® Security Solutions
Programming specifications
- Java EE Specifications
- Servlet Specifications
- Configuring Common Secure Interoperability Version 2 (CSIv2)
- Java 2 Platform, Standard Edition, v5.0 API Specification
- Java Authentication Service Provider Interface for Containers (JSR 196) Specification
- The Kerberos Network Authentication Service Version 5
- The Simple and Protected GSS-API Negotiation Mechanism
- Kerberos: The Network Authentication Protocol
Administration
![[IBM i]](../images/ngibmi.svg)
HTTP Server (powered by
Apache): An Integrated Solution for IBM
iSeries Servers, SG24-6716-00This book is designed to help you plan, install, configure, troubleshoot, and understand the HTTP Server (powered by Apache) running on your server. The book explains how to configure the HTTP server for basic authentication, access control and SSL. The document also explains the steps to implement a web application using Java and WebSphere Application Server.
- IBM developer kits
This website provides access to the IBM developer kits that are provided by the IBM Centre for Java Technology Development. Using this website, you can find various security and diagnostic information including information on the Federal Information Processing Standard, Java Version 1.4.1, Java Version 1.4.2, the iKeyman tool, and the Public Key Cryptography Standards (PKCS).
- IBM cryptographic hardware devices
- Understanding LDAP - Design and Implementation
- WebSphere security fundamentals
- z/OS 1.6 Security Services
Update
- Advanced authentication in WebSphere Application Server
- WebSphere Application Server for iSeries V6: Building Advanced Configurations