Security Administration and Programming Guide

About this book

1. Security Concepts

Authentication and authorization

Public-key cryptography

Proxies and firewalls

Lines of defense

2. Securing Component Access

Client authentication

Intercomponent authentication

Intercomponent authentication for EJBs and servlets

Quality of protection

Client authorization

3. Using Web Application Security

Introduction

Authentication

Authorization

Role mapping

4. Securing TDS Client Access

TDS and MASP listeners

MASP client security

Open Server client security

5. Using SSL in Java Clients

Using SSL in Java applets

Using SSL in Java applications

Creating HTTP and HTTPS connections in Java applications

Using Java Secure Socket Extension classes

6. Using SSL in C++ Clients

Introduction

Initializing the SSL security service

ORB properties for secure sessions

Creating a manager instance

Retrieving session security information

Creating an SSL callback component

7. Using SSL in PowerBuilder Clients

8. Using SSL in ActiveX Clients

Requirements

Establishing a secure session

Using the SSLServiceProvider interface

SSL properties

Implementing an SSL callback

Retrieving session security information

9. Creating and Using Custom Security Components

Using a custom authentication service

Using a custom role service

Using a custom authorization service

Supporting external single sign-on providers

Netegrity SiteMinder Integration

10. Using the JAAS API

Introduction

Requirements

JAAS in EAServer

JAAS on the client

JAAS for connectors

Samples and debugging

11. Deploying Applications Around Proxies and Firewalls

Connecting through proxy servers

Using Web proxies

Using reverse proxies

12. Security Configuration Tasks

Configuring EAServer roles

Configuring OS authentication

Configuring OS user and group authorization

Configuring security profiles

Configuring listeners

Configuring identities

13. Managing Keys and Certificates

SSL overview

Managing keys and certificates on EAServer

Using Netscape to manage certificates on the client

14. Entrust PKI Integration

Overview

Scenarios

15. Tutorial: Using SSL

Overview of the security tutorial

Tutorial requirements

Setting up your browser

Setting up EAServer

Running the SSL sample applet

Debugging the SSL sample applet