12.5. Scenario 2: Protecting Web resources
This scenario shows the different techniques to protect Web resources in WebSphere using the Tivoli Access Manager.
12.5.1. Tivoli WebSEAL
WebSEAL is Access Manager’s authentication engine. It is a multi-threaded Web server capable of applying security policy through Access Control Lists, ACLs, to URLs and servlets on junctioned Web servers within Access Manager’s protected Web object space. WebSEAL is also where Access Manager provides Single Sign-On solutions and it is an integral part of the “defense in depth” strategy when used in its role as a reverse proxy server.
A reverse proxy server is placed in front of all other presentation layers of an application and interrupts the session flow from ...
Get IBM WebSphere V5.0 Security: WebSphere Handbook Series now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.