- describe the set-up of global security, administrative security, application security and Java 2 security
- configure administrative security for particular users to gain different access to the admin console
- set up security domains for admin security and application security
- set up the security cache and security auditing features
- create a secure web application using security constraints and security roles and mapping to specific groups and users
- configure the VMM
- explain the Public Key Infrastructure
- describe digital certificates and digital signatures using both Certificate Authorities and Self Signed Certificates
- configure SSL for JDBC connections and within the cell
- understand and setup cross cell authentication
- explain the new application policy sets that can be installed to define the integrity and confidentiality of messages and transactions for Web Services
- understand the use of CSIv2 when securing client to server applications
- use logs and traces to recognise problems
- use performance tools, recognise performance problems and tune accordingly.
Objectives & topics; WAS security implementation; Administrative security; Secure System Administration; Federated repositories feature; Simplified certificate and key management; Tips for configuring default security; Secure processes; Extensible, layered security infra-architecture; J2EE security features compared; Java2 security; JAAS (Java Authentication and Authorization Service; J2EE security roles; J2EE security the full picture explained; SSL - Secure Sockets Layer; Authentication; External WAS security components; JACC - Java Authorization Contract for Containers; J2EE Application Security (focus on); Security roles; Taken from EJB specification; EJB specification translated; J2EE container based security; Configuring application security; handling security role mappings from Admin console; Securing J2EE components in practice; Web components; Web module; Securing EJBs; Security Cache, Multiple Security Domains; Different application security realms.Virtual Member Manager
Objectives & topics; How does it work; different types of VMM; configuring the VMM using default adapters; configuring VMM with Property Extension Repository (PER) and Entry Mapping Repository (EMR); configuring database repository in VMM.SSL and Encryption
Objectives and Topics; Cryptography in Internet applications; Public key cryptography overview; What is a digital certificate?; Public key & certificate; Uses for certificates in applications; CA and self signed certificates; Auto replacement of certificates; autosecurity and privacy; firewalls and encryption; Secure Sockets Layer; Secure communications using SSL; SSL administration.CSIv2
Objectives and Topics; Overview of CSIv2; the protocol; three layers of authentication; identity assertion and mapping; security attribute propagation; configuration on the client and the server,Troubleshooting Made Easy?
Objectives & topics; Resources for problem determination; Console messages; Log Files; WAS logs overview; Basic format for log/trace entry; If logs are not enough; To trace or not to trace; Trace strings; Web Server - Web container: mind the gap!; HTTP Server logs; Dump Name Space; Thread analyzer; Collector tool; First Failure Data Capture logs; HTTP session monitoring; Product installation information; Log and Trace analyzer for Autonomic Computing.Security Performance
Objectives & topics; Performance enhancing technologies; Performance data; Transaction oriented; Built-in performance booster; Performance data and tools; PMI overview; PMI data; Performance data hierarchy; PMI data organization; Tivoli Performance Viewer; Performance Advisors; Performance (PMI) Servlet; JVMPI facility; PMI request metrics; Request Metrics functionality; What's the point?; Current architecture; Configuring Request Metrics; Limit the monitoring; Request Metrics output; Application Response Measurement (ARM); Dynamic Cache (optional section); Dynamic Cache functionality; What can be cached?; How it works; Dynamic Cache setup; Dynamic Cache monitoring; Security Cache and Auditing.