WebSphere Application Server V7 Security

This three-day instructor-led course covers security topics that are critical for advanced application server security configuration for WebSphere Application Server V7. The course begins with a general discussion of the three major parts of global security: administrative security, application security, and Java 2 security. Students use security domains to configure cell-wide access. They then configure fine-grained security to the administrative console and configure application security by defining security constraints and security roles for a web application. Students also learn about the implications of application security by mapping special subjects and user groups to security roles. This course presents the core concepts of federated repositories. Students create a federated repository using a file-based repository and add a LDAP server to the configuration. They secure the connection between the application server and the LDAP server, and learn to configure and manage a VMM security connection feature that allows the VMM to function either with or without all of its repositories available. SSL is covered through extensive discussions about encryption technologies, digital signatures, the SSL handshake, and certificates. The course also provides additional information on SSL in the cell, including cell default trust stores, node keystores, plug-in keystores, certification expiration, and auto replacement. Lab exercises demonstrate both SSL configuration within the application server and the configuration of SSL between the application server and DB2 database. Students learn about the performance cost of security features in the application server, including core J2EE, messaging, and web services. A hands-on exercise on performance tuning lets students discuss techniques and trade-offs for tuning the security performance of the runtime environment. For information on other related WebSphere courses, visit the WebSphere Education Training Paths website: