Chapter 6. Incorporating IBM Tivoli Access Manager for e-business 197
6.7.1 Applying Tivoli Access Manager ACLs to new LDAP suffixes
When Tivoli Access Manager V5.1 is configured, it attempts to apply appropriate
access control in the form of access control lists (ACLs) to every LDAP suffix that
exists at the time in the LDAP server. In our example, we created the LDAP suffix
o=ibm,c=us after we configured Tivoli Access Manager. For this reason, we must
manually apply Tivoli Access Manager ACLs to the suffix.
Here, we describe how to apply Tivoli Access Manager ACLs to a new LDAP
suffix using an LDIF file import in the Tivoli Directory Server. Our sample code
includes c:\6325code\config\ldap\tam-acls.ldif. If you choose to import ACLs
through the ldif, you can skip the rest of this section.
To apply IBM Tivoli Access Manager ACLs to a new LDAP suffix, complete the
following steps:
1. Copy the c:\6325code\config\ldap\tam-acls.ldif file to the c:\temp directory.
2. Modify the tam-acls.ldif file for your suffix.
3. From the command line, execute the following command. In our example:
ldapmodify -h phoenix.itsc.austin.ibm.com -D cn=root -w <password> -i
c:\temp\tam-acls.ldif
6.7.2 Defining additional MIME types for WebSphere Application
Server
By default, WebSphere Application Server V5 is not configured with MIME types
for Java Archive files and Microsoft ActiveX Control files. These MIME types are
commonly used by back-end Web applications, such as Lotus components
included in IBM WebSphere Portal Extend for Multiplatforms V5.0.2. When using
Tivoli Access Manager WebSEAL, the MIME type must be defined in response
headers in order for the response to be passed through WebSEAL.
Table 6-2 on page 198 lists the MIME type definitions that we add in this section.
If your portlet application uses other MIME types not found by default within
WebSphere Application Server, follow the same procedure to add the MIME type
definitions.
Note: For more information about applying Tivoli Access Manager ACLs to a
new LDAP suffix, refer to Appendix D, “Managing user registries,” in IBM Tivoli
Access Manager Base Administration Guide, V5.1, SC32-1360.
Get WebSphere Portal Collaboration Security Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
