Skip to main content

WebSphere Application Server for z/OS V5 and J2EE 1.3 Security Handbook

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.


Published on 14 June 2005, updated 22 June 2005

  1. .PDF (10.4 MB)

Share this page:   

ISBN-10: 0738490679
ISBN-13: 9780738490670
IBM Form #: SG24-6086-01

Authors: Tamas Vilaghy, Holger Wunderlich, Theo Antoff, Maria Clarke, Jorge Diaz, Ami Ehlenberger, Marcelo Eliseu, Stéphane Faure, Tom Hackett, Andrew J. Hoyt, Patrick Kappeler, Michael Kearney, Sébastien Llaurency, Edward McCarthy, Hong Min, Mark Nelson, Alain Roessle, Karl-Erik Stenfors, Dinkar Tiwari, Jason Williams, Julieta Bianchi, Michael Daubman, Steve Allison, Kevin J. Senior, Theresa Tai and Foulques de Valence

    menu icon


    What do you think of when someone mentions z/OS security? Probably of something that is trustworthy, or even impenetrable. Perhaps you also think of something that is a little complex and challenging to administer.

    What comes to mind when someone mentions Internet security? Perhaps you think of prominent Web sites that have been maliciously "hacked" or credit card numbers that have been stolen.

    Using working examples of code and configuration files, in this IBM Redbooks publication, we explain how you can run your Web-enabled applications with as high a level of security as other z/OS applications and subsystems, even if those applications were written or originally deployed on another platform, by using the Java 2 Platform Enterprise Edition (J2EE) programming model and IBM WebSphere Application Server for z/OS and OS/390.

    This book will help architects, application programmers, WebSphere and security administrators, and application and network architects to understand and use these products.

    Table of Contents

    Part 1. Introduction to WebSphere and J2EE security

    Chapter 1. WebSphere Application Server V5 security overview

    Chapter 2. Security design

    Chapter 3. J2EE 1.3 and WebSphere Application Server V5 security concepts

    Chapter 4. WebSphere Application Server application security

    Chapter 5. WebSphere application migration security aspects

    Part 2. SWIPE and our testing infrastructure

    Chapter 6. The sandbox infrastructure

    Chapter 7. The security investigation application

    Chapter 8. The security investigation applications for EIS

    Part 3. Cryptography

    Chapter 9. Using cryptographic services

    Part 4. WebSphere Application Server for z/OS security infrastructure

    Chapter 10. WebSphere Application Server runtime security

    Chapter 11. Registries

    Chapter 12. Local operating system registries

    Chapter 13. Remote registries

    Chapter 14. IBM Tivoli Access Manager and WebSphere Application Server integration

    Chapter 15. WebSphere administration and administrative security

    Chapter 16. Web container security

    Chapter 17. Security integration with the WebSphere HTTP plug-in

    Chapter 18. EJB container security

    Chapter 19. WebSphere Application Server logging and auditing

    Chapter 20. Web services security

    Appendix A. Setup and debugging guides

    Appendix B. Additional material


    Others who read this also read