List of Figures

 < Day Day Up > 


Figure 1: A Secure Portal residency team

Chapter 1: Introduction

Figure 1-1: Sample home page of a portal
Figure 1-2: A high-level architectural view of WebSphere Portal
Figure 1-3: Identity management blueprint
Figure 1-4: Example of systems in a secure domain for Tivoli Access Manager for e-business

Chapter 2: Requirements and Design

Figure 2-1: Secure portal use case diagram
Figure 2-2: Secure portal functional view
Figure 2-3: Secure portal operational view

Chapter 4: Installing the Runtime Environment

Figure 4-1: Product mapping for the secure portal
Figure 4-2: Create User with Administrator privileges
Figure 4-3: Select Password never expires
Figure 4-4: Wasadmin properties
Figure 4-5: Assign rights to Newly Created User
Figure 4-6: Act as part of the operating system policy setting
Figure 4-7: Log on as a service policy setting
Figure 4-8: WebSphere Portal Multiplatforms installation initialization
Figure 4-9: WebSphere Portal Multiplatforms Installer
Figure 4-10: WebSphere Portal Multiplatforms Software License Agreement
Figure 4-11: WebSphere Portal Multiplatforms installation type
Figure 4-12: WebSphere Application Server installation location
Figure 4-13: IHS installation location
Figure 4-14: Administrator login details
Figure 4-15: Invalid userid or password
Figure 4-16: WebSphere Application Server host details
Figure 4-17: WebSphere Portal installation directory
Figure 4-18: Portal admin details
Figure 4-19: WebSphere Portal Server ready to install
Figure 4-20: WebSphere Portal Server preparing for installation
Figure 4-21: Searching for JVM
Figure 4-22: Installing WebSphere Application Server
Figure 4-23: Installing WebSphere Application Enterprise Server
Figure 4-24: Installing WebSphere Portal Server 5.0
Figure 4-25: Starting WebSphere Portal Server
Figure 4-26: Installing portlets
Figure 4-27: Installation successful
Figure 4-28: WebSphere Portal Server First Steps
Figure 4-29: Test WebSphere Portal Server Portal Pages
Figure 4-30: WebSphere Portal Server login
Figure 4-31: WebSphere Portal Server Welcome page
Figure 4-32: WebSphere Portal Server Welcome page without Internet access
Figure 4-33: Start installing LDAP server
Figure 4-34: IDS installation
Figure 4-35: IBM DB2 configuration options
Figure 4-36: DB2 Administrator password
Figure 4-37: Installing DB2
Figure 4-38: Installing IBM HTTP Server
Figure 4-39: Installing IDS
Figure 4-40: IDS Installation continues
Figure 4-41: Installation completed
Figure 4-42: Retrieving server schema
Figure 4-43: DMT main window
Figure 4-44: Container Empty Error Message
Figure 4-45: LDAP directory view
Figure 4-46: IDS installation wizard
Figure 4-47: IDS client type
Figure 4-48: IDS client features
Figure 4-49: IDS client settings
Figure 4-50: GSK installation
Figure 4-51: Installing IDS
Figure 4-52: IDS client readme
Figure 4-53: IDS Client - LDAP search results
Figure 4-54: IBM TAM Policy Server installation window
Figure 4-55: IBM TAM Runtime Configuration Options
Figure 4-56: IBM TAM Policy Server configuration options
Figure 4-57: IBM TAM Policy Server successful install
Figure 4-58: IBM TAM Authorization Server Installation window
Figure 4-59: IBM TAM Authorization Server options
Figure 4-60: IBM TAM Authorization Server successful installation
Figure 4-61: IBM TAM WebSEAL Server installation
Figure 4-62: Access Manager WebSEAL Server configuration options
Figure 4-63: IBM TAM WebSEAL Server successful installation
Figure 4-64: Access Manager for e-business configuration
Figure 4-65: Objects created in TAM repository
Figure 4-66: TAM for WebSEAL

Chapter 5: Configuring the Runtime Environment

Figure 5-1: Editing the Portal Users.ldif file
Figure 5-2: Configuring Portal and LDAP - ldapadd
Figure 5-3: Configuring Portal and LDAP - ldapsearch results
Figure 5-4: IBM Directory Management
Figure 5-5: Rebind to Directory
Figure 5-6: Edit on LDAP ACL - cn=users
Figure 5-7: Adding a Subject to the Edit on LDAP ACL - cn=users
Figure 5-8: Edit on LDAP ACL - cn=groups,dc=ibm,dc=com
Figure 5-9: Final edit on LDAP ACL for groups
Figure 5-10: Open pd_ldapkey.kdb file
Figure 5-11: Password prompt
Figure 5-12: pdldap certificate
Figure 5-13: Key management utility Console
Figure 5-14: Open DummyServerTrustFile.jks
Figure 5-15: Key file Certificates List
Figure 5-16: Adding CA's Certificate
Figure 5-17: List of Signer Certificates
Figure 5-18: Open cacerts file
Figure 5-19: Complete set of keyfile certificates
Figure 5-20: Open pd_ldapkey.arm file
Figure 5-21: Check Signer Certificates list
Figure 5-22: Edit the slapd32.conf file
Figure 5-23: Start WebSphere Application Server
Figure 5-24: Edit wmm.xml file
Figure 5-25: Setting the password for a key ring database file
Figure 5-26: Properties for IHS_SSL self-signed certificate
Figure 5-27: IHS Personal Certificates
Figure 5-28: IHS_SSL Extract Certificate dialog
Figure 5-29: Setting IHS Admin password
Figure 5-30: Verifying HTTP hostname
Figure 5-31: Setting the SSL server port
Figure 5-32: HTTP Module Sequence
Figure 5-33: Adding IBM SSL module
Figure 5-34: Creating a new virtual host
Figure 5-35: Virtual Host definition
Figure 5-36: Enabling Server Security
Figure 5-37: Enabling Server Security
Figure 5-38: Restart server icon
Figure 5-39: Logging into WebSphere Administrative Console
Figure 5-40: WebSphere Administrative Console startup page
Figure 5-41: Updating Virtual Hosts
Figure 5-42: Adding a port
Figure 5-43: Updating plug-in configuration
Figure 5-44: Extracting Plugin certificate
Figure 5-45: Deleting additional Signer Certificates
Figure 5-46: WebSphere Application Server Key Ring database
Figure 5-47: Remaining Signer Certificates in DummyServerTrustFile
Figure 5-48: Importing WebSphere Application Server Signer Certificate into Plugin Key Ring Database
Figure 5-49: Final Signer Certificates in DummyServerTrustFile
Figure 5-50: Restricting Web container ports
Figure 5-51: HTTP Transports to delete in server1 Web container
Figure 5-52: HTTP Transports to delete in WebSphere_Portal Web container
Figure 5-53: Port added to default_host Virtual Hosts definition
Figure 5-54: Enabling client authentication
Figure 5-55: Client Authentication Certificate selection browser dialog
Figure 5-56: Exporting Plugin Key dialog
Figure 5-57: Password protection dialog for exported certificates
Figure 5-58: WebSEAL Key Database - Signer Certificates
Figure 5-59: New WebSEAL Self-signed certificate
Figure 5-60: Enable Trust Association
Figure 5-61: Trust Association properties
Figure 5-62: TAI test
Figure 5-63: Newly created user in TAM accessing WebSphere Portal - Edit my profile page
Figure 5-64: Logout screen
Figure 5-65: Signup link removed
Figure 5-66: IHS Key Database - Signer Certificates
Figure 5-67: IHS Mutual SSL Authentication configuration
Figure 5-68: Adding a Login Module
Figure 5-69: Adding WebSEALLoginModule Custom Property to Login Module
Figure 5-70: Login Modules created for Portal_Login Application Login
Figure 5-71: Adding PDLoginModule Custom Porperty to Login Module
Figure 5-72: Login Modules created for Portal_SubjectRebuild Application Login
Figure 5-73: TAM authorization
Figure 5-74: Adding debug to Login Modules
Figure 5-75: Resource Permissions portlet
Figure 5-76: My Portal Resource Permission
Figure 5-77: YourCo Financial Resource Permissions
Figure 5-78: YourCo Financial User Role Members
Figure 5-79: YourCo Financial Administrator Role Members
Figure 5-80: Assigning explicit members to a role
Figure 5-81: YourCo Financial Administrator Role with explicit members
Figure 5-82: YourCo Financial - Home page User Role members
Figure 5-83: Successful externalization
Figure 5-84: Externalized versus internalized resource
Figure 5-85: Externalizing virtual resource
Figure 5-86: Portlets externalized
Figure 5-87: Externalized portlet applications

Chapter 6: Sample Use Cases

Figure 6-1: Access Manager authentication dialog
Figure 6-2: Personalized Welcome Page
Figure 6-3: LDAP directory User Profile data
Figure 6-4: Access Manager User Profile data
Figure 6-5: Edit my profile page
Figure 6-6: Changed fields in Profile
Figure 6-7: Profile edit confirmation window
Figure 6-8: Changed LDAP directory User Profile data
Figure 6-9: Changed Access Manager User Profile data
Figure 6-10: Choosing to edit a portlet
Figure 6-11: Edit window for My Vertical News portlet
Figure 6-12: Portlet customization - News Categories
Figure 6-13: Portlet customization - Number of headlines
Figure 6-14: Portlet customization - results
Figure 6-15: Commands to create a user
Figure 6-16: YourCo Financial anonymous user page
Figure 6-17: TAM object space
Figure 6-18: Displaying acl details
Figure 6-19: Removing Unauthenticated group from acl
Figure 6-20: YourCo Financial page with updated acl

Appendix A: Access Control Model in WebSphere Portal V5

Figure 6-21: Role type definition and hierarchy

 < Day Day Up > 

Secure Portal. Using Websphere Portal V5 and Tivoli Access Manager V4. 1
A Secure Portal Using Websphere Portal V5 and Tivoli Access Manager V4.1
ISBN: 073849853X
EAN: 2147483647
Year: 2003
Pages: 73
Authors: IBM Redbooks © 2008-2017.
If you may any questions please contact us: