Web browser

Many of the Common Services components are browser-based, specifically their user interface. Some things to consider for browser security are shown in the following list:
  • To keep the communications between the browser and WebSphere® Application Server secure, ensure that only Transport Layer Security (TLS) is used to encrypt the data. TLS is frequently referred to as the older standard, SSL (Secure Sockets Layer). For more information about securing the browser sessions, see Browser data security.
  • HTTP headers add more security by restricting what capabilities and actions intermediary servers and browsers allow. These headers are configured as system properties in Control Center. For more information about configuring HTTP headers, see System properties page.
  • Secure cookies. For more information about securing cookies, see Setting up security for WebSphere.

Additional information

The following topics contain more information about browser security.