Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Chapter 4: Configuration and customization > WebSEAL customization - Pg. 113

4.2 WebSEAL customization Different approaches are needed to provide different types of user access (for example, unrestricted access or restricted access with passwords, SecurID tokens, or PKI certificates) to a variety of back-end applications. This flexibility should be provided within one security solution, and the management of this security solution must support both centralized and distributed security administration groups, while maintenance of the Web applications can be done by other individual groups. WebSEAL can enforce a high degree of security in a secure domain by requiring users to provide proof of their identity. The following conditions apply to the WebSEAL authentication process: WebSEAL supports several authentication methods by default, and can be customized to use other methods. When both server and client require authentication, the exchange is known as mutual authentication . The WebSEAL server process is independent of the authentication method. The result of successful authentication to WebSEAL is a Tivoli Access Manager user identity. WebSEAL uses this identity to build a credential for that user.