Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

    Start ReadingShareBuy Print Version
    Single Sign-On Solutions for IBM FileNet P8

    • Single Sign-On Solutions for IBM FileNet P8

    • By: Axel Buecker; Simon Canning; Jay Devaney; Guillermo Rios; Satoshi Takahashi

    • Publisher: IBM Redbooks

    • Pub. Date:

    • Part Number: SG24-7675-00

    • Pages in Print Edition: 296

    • Subscriber Rating: 0 out of 5 rating0 [0 Ratings]

    ebooken
    Subscriber Reviews • Browse Similar Topics

    Overview

    Authentication is the act of verifying a user's identity based on the credentials that they have presented. Establishing each user's identity is a critical first step in any client/server based system. In this IBM® Redbooks® publication, we present an overview of the set of authentication options in the IBM FileNet® P8 V4.0 release.
    The two standards at the core of the authentication process in IBM FileNet P8 V4.0 are the Java™ Authentication and Authorization Service (JAAS) standard and the Web Services Security standard (WS-Security). The JAAS standard forms the framework for security interoperability in the J2EE™ world, while the WS-Security standard forms the framework for security interoperability in the heterogeneous world of clients and servers that communicate through Web services interfaces. IBM FileNet customers rely on a variety of authentication technologies to secure their corporate intranets. By implementing and adhering to these two standards, IBM FileNet P8 V4.0 enables a wide range of authentication integrations.
    This book is a valuable resource for security officers, access management administrators, and architects who wish to better understand single sign-on options for the IBM FileNet P8 V4.0 solution.

    Subscriber Reviews

    Average Rating: 0 out of 5 rating Based on 0 Ratings

    No Subscribers have provided a review for this book.

    Table of Contents

     

    View Sample
    Notices
    View Sample

    Trademarks

    View Sample
    Preface
    View Sample

    A word of caution

    View Sample

    The team that wrote this book

    View Sample

    Become a published author

    View Sample

    Comments welcome

    View Sample

    Part 1. Architecture and design

    View Sample

    Download ChapterDownload Chapter
    0 Tokens    Chapter 1. Business context for single sign-on in an Enterprise Content Management environment

    View Sample
    1.1. What single sign-on is
    View Sample

    1.1.1. Three classes of single sign-on

    View Sample

    1.2. Benefits of a single sign-on solution

    View Sample
    1.3. Single sign-on and Enterprise Content Management
    View Sample

    1.3.1. The ECM point of view

    View Sample

    1.3.2. P8 authentication overview

    View Sample

    1.3.3. P8 authorization overview

    View Sample

    1.3.4. SOA identity propagation overview

    View Sample

    Download ChapterDownload Chapter
    0 Tokens    Chapter 2. Single sign-on architecture and component design

    View Sample
    2.1. IBM FileNet P8 architecture overview
    View Sample

    2.1.1. Architecture of an IBM FileNet P8 system

    View Sample

    2.1.2. Content Engine architecture

    View Sample

    2.1.3. Process Engine architecture

    View Sample

    2.1.4. Directory service integration

    View Sample

    2.1.5. Java based client authentication through JAAS

    View Sample

    2.1.6. Web service based client authentication through WS-Security

    View Sample

    2.1.7. Application Engine authentication

    View Sample

    2.1.8. Process Engine authentication

    View Sample
    2.2. Simple Protected GSSAPI Negotiation Mechanism architecture overview
    View Sample

    2.2.1. What SPNEGO is

    View Sample

    2.2.2. How SPNEGO works

    View Sample
    2.3. Tivoli Access Manager architecture overview
    View Sample

    2.3.1. Basic architecture of Tivoli Access Manager for e-business

    View Sample

    2.3.2. Providing single sign-on functionality

    View Sample

    2.3.3. Access Manager single sign-on flow

    View Sample
    2.4. Tivoli Federated Identity Manager architecture overview
    View Sample

    2.4.1. Trust Service

    View Sample

    2.4.2. Identity propagation patterns

    View Sample

    2.5. Conclusion

    View Sample

    Part 2. Technical single sign-on implementations

    View Sample

    Download ChapterDownload Chapter
    0 Tokens    Chapter 3. Customer overview

    View Sample
    3.1. Company profile
    View Sample

    3.1.1. Geographic distribution of GCBI

    View Sample

    3.1.2. GCBI marketplace position

    View Sample
    3.2. Current IT architecture
    View Sample

    3.2.1. Overview of the GCBI network

    View Sample

    3.2.2. Current Filenet P8 infrastructure

    View Sample

    3.2.3. Windows server and desktop environment

    View Sample

    3.3. Corporate business vision and objectives

    View Sample

    3.4. Business requirements

    View Sample

    3.5. Functional requirements

    View Sample

    3.6. Solution approaches

    View Sample

    3.7. Non-functional requirements

    View Sample

    3.8. Conclusion

    View Sample
    Download ChapterDownload Chapter
    0 Tokens    Chapter 4. Single sign-on using Tivoli Access Manager for e-business
    View Sample

    4.1. Customer requirements

    View Sample
    4.2. Step-by-step configuration
    View Sample

    4.2.1. Prerequisites

    View Sample

    4.2.2. Tivoli Access Manager for e-business configuration

    View Sample

    4.2.3. Configure Access Manager Java runtime

    View Sample

    4.2.4. Enable the TAI++ interceptor on WebSphere Application Server

    View Sample

    4.2.5. Verify the TAI++ interceptor function

    View Sample

    4.2.6. Deploy the P8 AE application

    View Sample

    4.2.7. Additional configuration steps for SPNEGO authentication

    View Sample

    4.3. Integration test

    View Sample

    4.4. Conclusion

    View Sample
    Download ChapterDownload Chapter
    0 Tokens    Chapter 5. Single sign-on using SPNEGO
    View Sample

    5.1. GCBI user experience improvement

    View Sample
    5.2. Step-by-step configuration
    View Sample

    5.2.1. Prerequisites

    View Sample

    5.2.2. Creating a Kerberos service principal and keytab file

    View Sample

    5.2.3. Creating the Kerberos configuration file

    View Sample

    5.2.4. Configure the SPNEGO TAI interceptor

    View Sample

    5.2.5. Configure SPNEGO TAI interceptor on JVM

    View Sample

    5.2.6. Configure the Web browsers to support SPNEGO

    View Sample

    5.2.7. Quick test for SPNEGO single sign-on

    View Sample

    5.2.8. Troubleshooting SPNEGO

    View Sample

    5.2.9. Deploy the FileNet P8 Application Engine

    View Sample

    5.2.10. Integration test for P8 AE and SPNEGO

    View Sample

    Download ChapterDownload Chapter
    0 Tokens    Chapter 6. Single sign-on using Tivoli Federated Identity Manager

    View Sample
    6.1. Overview
    View Sample

    6.1.1. Partners involved

    View Sample

    6.1.2. Installation overview

    View Sample

    6.1.3. Prerequisites and assumptions

    View Sample

    6.2. IBM FileNet P8 and Federated Identity Manager solution

    View Sample
    6.3. Solution components
    View Sample

    6.3.1. Sample Web service client

    View Sample

    6.3.2. Federated Identity Manager FileNet Interceptor

    View Sample

    6.3.3. FileNet Content Engine Web Service

    View Sample

    6.3.4. Trust chain

    View Sample

    6.3.5. E-mail to user name and password mapping module

    View Sample
    6.4. Configuration
    View Sample

    6.4.1. Configuring the TFIMFileNetP8Interceptor

    View Sample

    6.4.2. Configuring a trust chain

    View Sample
    6.5. Testing the approach
    View Sample

    6.5.1. Sample FileNet P8 CEWS test client

    View Sample

    6.5.2. Information flow

    View Sample

    6.6. Conclusion

    View Sample
    Download ChapterDownload Chapter
    0 Tokens    Appendix A. Content Engine Web Service client
    View Sample

    Overview

    View Sample
    Installation and configuration instructions
    View Sample

    Setting the WebSphere variables for WSSM

    View Sample

    Configuring the WSSM shared library

    View Sample

    Configuring a classloader for the application server

    View Sample

    Installing the sample FileNet CEWS SAML 2.0 Client application

    View Sample

    Setting up a FileNet CEWS SAML 2.0 Client user and mapping a role

    View Sample

    Configuring TCPMon to relay FileNet CEWS SAML 2.0 Client requests

    View Sample

    Conclusion

    View Sample
    Download ChapterDownload Chapter
    0 Tokens    Appendix B. Additional material
    View Sample

    Locating the Web material

    View Sample
    Using the Web material
    View Sample

    How to use the Web material

    View Sample
    Related publications
    View Sample

    IBM Redbooks

    View Sample

    Other publications

    View Sample

    Online resources

    View Sample

    How to get Redbooks

    View Sample

    Help from IBM

    View Sample

    Index

    View Sample

    Back cover