Security for WebSphere Applications

This is the definitive course for all those who will be dealing with the security aspects that are critical for web applications running in a WebSphere Application Server environment. The course introduces and explains global security, administrative security, application security and Java 2 security, using the features of security domains and cell-wide security that have been available since V7. This includes defining security constraints and security roles for web applications. Different repositories can be used, including federated, local, and custom repositories, which are all explained and configured in detail. together with the VMM (Virtual Member Manager) which allows security to function with or without all of its repositories available. Following on from this, SSL, Encryption, Digital Signatures, and certificates are explained in great detail plus SSL Cell configuration, including trust stores, keystores, plugin keystores, expiration of certificates and replacement. In addition, SSL between WebSphere and DB2 and single sign on is explained. Security must be hardened by addressing different areas, such as web server, configuration files, SSL, etc. However, problems will occur and, by looking at logs and traces, these problems can be resolved quickly. Performance tools are also explained, so that secure applications can be fine-tuned to run more smoothly. The course combines formal classroom teaching with numerous practical, hands-on sessions.