Certification Study Guide: IBM Tivoli Access Manager for e-business 6.0

Certification Study Guide: IBM Tivoli Access Manager for e-business 6.0

by Axel Buecker, Vladimir Jeremic
Released February 2006
Publisher(s): IBM Redbooks
ISBN: None

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

This IBM Redbooks publication is a study guide for IBM Tivoli Access Manager for e-business Version 6 and is meant for those who want to achieve IBM Certifications for this specific product.

The IBM Tivoli Access Manager for e-business Certification, offered through the Professional Certification Program from IBM, is designed to validate the skills required of technical professionals who work in the implementation of the IBM Tivoli Access Manager for e-business Version 6 product.

This book provides a combination of theory and practical experience needed for a general understanding of the subject matter by discussing the planning, installation, configuration and customization, programming, auditing and troubleshooting of Access Manager for e-business solutions. It also provides sample questions that will help in the evaluation of personal progress and provide familiarity with the types of questions that will be encountered in the exam.

This publication does not replace practical experience, nor is it designed to be a stand-alone guide for any subject. Instead, it is an effective tool which, when combined with education activities and experience, can be a very useful preparation guide for the exam.

Table of contents

  1. Notices
    1. Trademarks
  2. Preface
    1. The team that wrote this redbook
    2. Become a published author
    3. Comments welcome
  3. Chapter 1: Certification overview
    1. IBM Professional Certification Program
      1. Benefits of certification
      2. Tivoli Software Professional Certification
    2. Access Manager for e-business V6.0 certification
      1. Job description and target audience
      2. Prerequisites
      3. Test 876 objectives (1/2)
      4. Test 876 objectives (2/2)
    3. Recommended educational resources
      1. Courses
      2. Publications
  4. Chapter 2: Planning
    1. Access management overview
    2. Core components
      1. User registry
      2. Policy Server
      3. WebSEAL
      4. Plug-In for Web servers
      5. Plug-In for Edge Server
    3. Management components
      1. Web Portal Manager
    4. Additional components
      1. Policy Proxy Server
      2. Authorization service
      3. Access Manager Session Management Server
      4. Access Manager for Microsoft .NET Applications
      5. WebSphere Application Server integration
      6. Access Manager for BEA WebLogic Server
    5. Interfaces
      1. Tivoli Access Manager Authorization API (aznAPI)
      2. Administration API
      3. External authentication interface (EAI)
      4. Java API for Access Manager
      5. Access Manager-based authorization for Microsoft .NET
    6. Placing components in a network
      1. IBM Global Security Kit (GSKit)
      2. Sizing and availability
    7. Upgrade considerations
      1. Additional upgrade considerations
      2. Useful commands for the upgrade process
  5. Chapter 3: Installation
    1. Installation overview
      1. User registry
      2. Installation methods
    2. Base components
      1. GSKit
      2. LDAP client
      3. Tivoli Security Utilities
      4. Access Manager License (PDlic)
      5. Access Manager Runtime (PDRTE)
      6. Access Manager Policy Server (PDMgr)
      7. Access Manager Authorization Server (PDAcld)
      8. Access Manager Policy Proxy Server (PDProxy)
      9. Tivoli Access Manager development (PDAuthADK) system
      10. Access Manager Runtime for Java (PDJRTE)
      11. Access Manager Web Portal Manager (PDWPM)
    3. Web security components
      1. Web Security Runtime (PDWebRTE)
      2. WebSEAL (PDWeb)
      3. The Plug-in for Edge Server (PDPlgES)
      4. WebSEAL ADK (PDWebADK)
      5. Plug-in for Web Servers (PDWebPI)
      6. Attribute Retrieval Service (PDWebARS)
      7. Access Manager for WebLogic Server (PDWLS)
    4. Setting up a Session Management Server (PDSMS)
      1. Session Management Server administrative interfaces
  6. Chapter 4: Configuration and customization
    1. Basic customization tasks
      1. Secure domain
      2. Protected object space
      3. Users and groups
      4. Security policy (1/3)
      5. Security policy (2/3)
      6. Security policy (3/3)
      7. Default security policy
    2. WebSEAL customization
      1. Authentication and single sign-on mechanisms
    3. Supported WebSEAL authentication mechanisms
      1. Basic authentication with user ID and password
      2. Forms-based login with user ID and password
      3. Authentication with X.509 client certificates
      4. Failover authentication
      5. Authentication with RSA SecurID token
      6. Windows desktop single sign-on (SPNEGO)
      7. Authentication using customized HTTP headers
      8. Authentication based on IP address
    4. Advanced WebSEAL authentication methods
      1. MPA authentication
      2. Switch user authentication
      3. Re-authentication
      4. Authentication strength policy (step-up)
      5. External authentication interface (EAI)
      6. No authentication
    5. Standard junctions
      1. WebSEAL object space and authorization configuration
      2. Creating a local type standard junction
      3. URL filtering
      4. The challenges of URL filtering
    6. Virtual host junction
      1. Creating a remote type virtual host junction
      2. Defining interfaces for virtual host junctions
    7. Transparent path junctions
    8. Advanced junction configuration
      1. Mutually authenticated SSL junctions
      2. WebSEAL-to-WebSEAL junctions over SSL
      3. Stateful junction
      4. Junction throttling
      5. Supporting not case-sensitive URLs
      6. Junctioning to Windows file systems
    9. WebSEAL single sign-on mechanisms
      1. Tivoli Global Sign-On (GSO) lockbox
      2. Forms-based single sign-on
      3. Single sign-on using HTTP BA headers
      4. Supplying identity information in HTTP headers
      5. Using LTPA authentication with WebSEAL
    10. SSO across Access Manager domains
      1. Cross-domain mapping framework
      2. Cross-domain single sign-on
      3. e-community single sign-on (1/2)
      4. e-community single sign-on (2/2)
    11. Session Management Server
      1. WebSEAL Session Management Server configuration
  7. Chapter 5: Programming
    1. External authentication interface
      1. External authentication C API
    2. Authorization API overview
      1. Configuration of an aznAPI application
      2. Entitlement service interface
      3. External Authorization Service (EAS)
  8. Chapter 6: Auditing and troubleshooting
    1. Native auditing
      1. Native auditing configuration (1/2)
      2. Native auditing configuration (2/2)
      3. Auditing using logaudit
      4. WebSEAL HTTP logging
      5. XML output of native audit events
    2. Common Auditing and Reporting Service
      1. Audit infrastructure
      2. Reporting
      3. Common Auditing and Reporting Service configuration (1/2)
      4. Common Auditing and Reporting Service configuration (2/2)
    3. Troubleshooting techniques
      1. Routing files
      2. Java properties files
      3. Message event logging
      4. Trace event logging
      5. Troubleshooting WebSEAL servers
      6. Diagnostic utilities
  9. Appendix A: WebSEAL junction options (1/2)
  10. Appendix A: WebSEAL junction options (2/2)
  11. Appendix B: Sample questions
    1. Questions
    2. Answer Key
  12. Related publications
    1. IBM Redbooks
    2. Other publications
    3. Online resources
    4. How to get IBM Redbooks
    5. Help from IBM
  13. Index (1/3)
  14. Index (2/3)
  15. Index (3/3)
  16. Back cover

Product information

  • Title: Certification Study Guide: IBM Tivoli Access Manager for e-business 6.0
  • Author(s): Axel Buecker, Vladimir Jeremic
  • Release date: February 2006
  • Publisher(s): IBM Redbooks
  • ISBN: None