IBM Official Manual for Tivoli Access Manager WebSEAL

Page 20

￿￿￿. Tivoli Access Manager ￿￿ ￿￿￿￿ ￿￿ Tivoli Access Manager ￿￿

￿ ￿￿￿￿(third-party)￿￿￿￿￿￿￿ ￿￿￿ ￿￿￿ ￿￿ ￿￿ ￿ ￿￿￿ ￿￿￿

￿￿.

WebSEAL￿ ￿ ￿￿ ￿￿￿ ￿￿ Tivoli Access Manager ￿￿ ￿￿ ￿￿￿￿￿￿. WebSEAL￿ ￿￿ ￿ ￿￿￿ ￿￿￿￿ ￿￿￿ ￿￿￿￿ ￿￿￿ ￿￿￿￿￿ ￿ ￿￿￿

￿￿.

Tivoli Access Manager Plug-in for Web Servers￿ Tivoli Access Manager￿ ￿

￿￿￿ ￿ ￿￿￿ ￿￿ ￿￿ ￿￿￿￿ ￿￿￿￿￿. ￿ ￿￿￿￿￿ ￿ ￿￿￿ ￿￿￿ ￿

￿￿￿￿ ￿￿￿ ￿￿￿￿ ￿￿￿￿ ￿ ￿￿￿ ￿￿￿￿￿￿ ￿￿ ￿￿￿ ￿￿￿￿ ￿

￿￿ ￿￿￿￿ ￿￿￿￿ ￿￿￿ ￿￿ ￿￿￿ ￿￿￿￿￿.

Tivoli Access Manager Plug-in for Web Servers ￿ WebSEAL￿ ￿￿ ￿￿ ￿￿

￿ ￿￿￿￿ ￿￿￿￿ ￿ ￿￿￿￿￿￿ ￿￿￿ ￿￿￿ ￿￿ policy￿ ￿￿￿￿ ￿ ￿

￿￿￿.

IBM Tivoli Access Manager￿ ￿￿ ￿￿￿ ￿￿￿￿ ￿￿ ￿￿￿ ￿￿￿ ￿ ￿￿￿

￿￿￿ ￿￿￿￿ Tivoli Access Manager￿ ￿￿ ￿ ￿￿￿￿ ￿￿ ￿ ￿￿￿￿. ￿

￿￿ ￿￿￿￿ ￿￿ Tivoli Access Manager ￿￿￿ ￿￿￿ ￿￿￿￿ ￿￿￿￿.

Tivoli Access Manager ￿ WebLogic ￿￿ ￿￿

Tivoli Access Manager for WebLogic, ￿￿ 5.1￿ ￿￿￿ ￿￿￿￿￿.

vBEA WebLogic Server ￿￿ 7.0 SP2

vBEA WebLogic Server ￿￿ 8.1 SP1

Tivoli Access Manager for WebLogic ￿￿ 5.1￿ SSPI(Security Service Provider Interface)￿ ￿￿￿￿ BEA WebLogic Server￿ ￿￿ ￿￿ ￿￿ ￿￿￿￿￿￿ ￿￿

￿￿￿.

￿: Tivoli Access Manager for WebLogic ￿￿ 5.1￿ BEA WebLogic Server ￿

￿￿ ￿￿ ￿￿￿ ￿￿￿￿ ￿￿￿￿. BEA WebLogic Server ￿￿￿ ￿￿ ￿￿

￿￿￿ ￿￿￿ Tivoli Access Manager for WebLogic ￿￿ 4.1￿ ￿￿￿￿￿.

BEA WebLogic Server￿ ￿￿￿￿(thrid-party) ￿￿ ￿￿￿(￿: Tivoli Access Manager for WebLogic)￿ SSPI￿ ￿￿￿￿ ￿￿￿ ￿￿ ￿￿￿ BEA WebLogic Server ￿

￿￿ ￿￿￿ ￿￿￿￿￿￿.

2IBM Tivoli Access Manager for e-business: BEA WebLogic Server ￿￿ ￿￿￿

Image 20
Contents BEA WebLogic Server Page BEA WebLogic Server 2003 Iii BEAWebLogic Page Page Business Policy Policy ServerTivoli Access Manager WebSEAL API Tivoli Access Manager API C Provisioning Fast StartTivoli Software Glossary Tivoli GSKitTivoli Access Manager SSL DB2Xiii WebSphere MQSeriesJMS Tivoli Information Center Unix policyTivoli Identity Agent IBM . IBM Tivoli Identity ManagerProduct manuals . Tivoli Software Information Center IBM Software Support GuideJava Unix . Windows $variable %variable% \ . Windows bash Tivoli Access Manager Tivoli Access Manager PolicyTivoli Access Manager WebLogic Policy IBM Tivoli Access ManagerThird-party BEA WebLogic ServerJaas Jaas Tivoli Access Manager Security Service Provider InterfaceWebLogic Management BeanMBean WebLogic PDPermissionWebLogic . WebLogic Policy BEA WebLogic Server MBean WebLogic . WebLogicPolicy Policy WebLogic J2EETivoli Access Manager WebSEALWebSEAL , , RSA SecureID WebSEAL URL , WebSEAL WebLogicSsouser 23 WebSEAL ssouserWebLogic BEA WebLogic Server JLog BEA WebLogic ServerTivoli Access Manager Authorization Server IBM Tivoli Access Manager for e-business BEA WebLogic Server Copyright IBM Corp Tivoli Access Manager Policy Server Tivoli Access Manager Authorization Server64MB RAM Tivoli Access Manager Authorization ServerBEA WebLogic Server BEA WebLogic Server startWebLogicTivoli Access Manager Java Windows Installamwls InstallamwlsAmwlsinstalldir/lib 32 5 BEA WebLogic ServerRoot Tivoli Access Manager AIXAIX HP-UX Solaris Windows AIXRoot Tivoli Access Manager Pfsmountd pfsd Pfsmount CD HP-UXSwinstall SolarisInstallShield 23 Administrator Windows Tivoli Access ManagerInstallShield Windows\amwlsinstalldir\lib IBM Tivoli Access Manager for e-business BEA WebLogic Server Tivoli Access Manager Java Runtime Environment WebLogic . Java RuntimeSun v1.4d JRE , pdjrtecfg Pdconfig JRE JDKPdjrtecfg Solaris, HP-UXStartWebLogic Classpath StartWebLogic WebLogic . startWebLogicJava Classpath WebLogic StartWebLogic Classpath StartWebLogic BEA WebLogic ServerBEA WebLogic BEA WebLogic Tivoli Access Manager for WebLogic53 a Config AMWLSConsoleExtensions BEA WebLogic ServerTivoli Access Manager for WebLogic AMSSPIConfigureConsole Extension Web Application Tivoli Access Manager WebLogic URLAccess Manager AMSSPIConfigure CreaterealmSSO Rbpf.properties 53 aTivoli Access Manager WebSEAL IBM Tivoli Access Manager Ssopwd WebSEAL Pdadmin WebSEALBEA WebLogic Server WebSEALTivoli Access Manager Plug-in for Web Servers PdadminPlug-ininstalldir/etc pdwebpi.conf Junction URLSsouser BEA WebLogic Server Tivoli Access Manager for WebLogicBA add-hdr supply-password BA Page IBM Tivoli Access Manager for e-business BEA WebLogic Server Tivoli Access Manager WebSEAL DummyWebSEAL ID user-1 Ws-passwd WebSEAL44 3 policy Tivoli Access Manager Authorization ServerTivoli Access Manager Aznapi-entitlement-services BEA WebLogic Server Access ManagerPath TrueWebSEAL EJB Web.xml Servlet ServletRoleEAR AMWLSinstalldir/demo BEA WebLogic Server DoPost ServletRoleEjb-jar.xml GetBalance EJBRole GetBalance Banker1 Banker1Banker BankMembersServlet Servlet BankMembersEJB WebSEAL URLWebLogic Tivoli Access Manager Policy Policy pdadmin policyPolicy Policy Ldap Web Portal Manager Ldap . , LdapPdadmin Ldap 63 BAMWLSConfigure Amsspidir WebLogic ServletActive Directory administrators WebLogicWebLogic Server BEA WebLogic Server BEAWebLogic Active Directory Administrator Certificate.war AdministratorTivoli Access Manager IBM Tivoli Access SolarisSolaris Windows AIX HP-UX RootAccess Manager for WebLogic Application Server Tivoli Access Manager IBM Tivoli Access ManagerWindows AIXHP-UX SwremoveIBM Tivoli Access Manager for e-business BEA WebLogic Server Config createrealm .in ACL Tivoli Access Manager Amsspi.propertiesWlsrealmname BEA WebLogic Server BEA WebLogic Server SspiCom.tivoli.amwls.sspi.config.DeployerGroupProp Com.tivoli.amwls.sspi.config.MonitorGroupPropCom.tivoli.amwls.sspi.config.OperatorGroupProp Com.tivoli.amwls.sspi.config.AdminGroupPropRbpf.properties Com.tivoli.pd.as.cache.EnableDynamicRoleCaching Com.tivoli.pd.as.rbpf.PosRootCom.tivoli.pd.as.rbpf.ProductId Com.tivoli.pd.as.rbpf.AMActionGroupCom.tivoli.pd.as.cache.EnableStaticRoleCaching Com.tivoli.pd.as.cache.EnableObjectCachingCom.tivoli.pd.as.cache.StaticRoleCache Com.tivoli.pd.as.cache.StaticRoleCache.RolesCom.tivoli.pd.as.rbpf.GrantUnprotectedAccess Com.tivoli.pd.as.cache.ObjectCache.MaxResourcesCom.tivoli.pd.as.rbpf.ExcludedRoles Com.tivoli.pd.as.rbpf.CopyParentRoleCom.tivoli.pd.as.rbpf.IgnorePasswordPolicyOnUserCreate Com.tivoli.pd.as.rbpf.PropagateChildRoleCom.tivoli.pd.as.rbpf.UseEntitlements Com.tivoli.pd.as.rbpf.EntitlementsUserAmwlsjlog.properties Amwlsjlog.properties IsLoggingBaseGroup traceLogger baseGroup messageLogger True True falseIBM Tivoli Access Manager for e-business BEA WebLogic Server Copyright IBM Corp AMWLSConfigure -action config Remoteacluser remoteacluser Secmasterpwd secmasterpwdVerbose truefalse True . falseAMWLSConfigure -action unconfig AMWLSConfigure -action createrealm Ssoenabled truefalseWLS False Ssopwd ssopwdIBM Tivoli Access Manager Error Message Reference AMWLSConfigure -action deleterealm Registryclean truefalseIBM Tivoli Access Manager for e-business BEA WebLogic Server IBM IBM IBM , IBM467-12 2DBCS IBM 467-12 IBM IBM , IBM Ipla IBM Corporation Unix Open GroupIBM Tivoli Access Manager for e-business BEA WebLogic Server Virtual hosting Network-based authentication Protected object. ACL POP Entitlement service ACLAccess Control List PAC privilege attribute certificate service URLUniform Resource Locator IBM Tivoli Access Manager for e-business BEA WebLogic Server Page AIX Page SA30-2210-00