PAC privilege attribute certificate service | IBM 5.1 specs

J

junction. WebSEAL

HTTP HTTPS . WebSEAL junction

.

L

LDAP. LDAP(Lightweight Directory Access Protocol)

LDAP(Lightweight Directory Access Protocol). (a) X.500

TCP/IP , (b) X.500 DAP(Directory Access Protocol) . LDAP (

) (:

, )

. LDAP

RFC 1777 . LDAP 3 RFC 2251 , IETF

. IETF LDAP

RFC 2256 .

LTPA. LTPA(Lightweight Third Party Authentication)

LTPA(Lightweight Third Party Authentication).

M

MPA(Multiplexing Proxy Agent).

.

WAP , WAP(Wireless Access Protocol) .

,

.

P

PAC. PAC(Privilege Attribute Certificate) .

PAC (privilege attribute certificate service).

PAC Tivoli Access Manager ,

API .

Tivoli Access Manager

. ADK

. PAC(Privilege Attribute Certificate)

PAC(Privilege Attribute Certificate). ()

()

policy.

Policy Server.

Tivoli Access Manager

POP. POP(Protect Object Policy)

POP(Protect Object Policy).

ACL policy

policy . POP

. ACL(Access Control List), (protected

object) (protected object space)

R

RSA (RSA encryption).

. 1977 Ron Rivest, Adi Shamir Leonard Adleman .

,

.

S

SSL. SSL(Secure Sockets Layer)

SSL(Secure Sockets Layer).

. SSL / ,

. SSL Netscape Communications Corp. RSA Data Security, Inc. .

SSO. SSO(Single Signon)

U

URI. URI(Uniform Resource Identifier)

URI(Uniform Resource Identifier). (

), ( )

(: HTTP)

80IBM Tivoli Access Manager for e-business: BEA WebLogic Server

Image 98

IBM 5.1 manual PAC privilege attribute certificate service

Contents

BEA WebLogic Server Page BEA WebLogic Server 2003 Iii BEA WebLogic Page Page Business Policy Policy Server Tivoli Access Manager WebSEAL API Tivoli Access Manager API C Provisioning Fast Start Tivoli Software Glossary Tivoli GSKit Tivoli Access Manager SSL DB2 Xiii WebSphere MQSeriesJMS Tivoli Identity Tivoli Information CenterUnix policy Agent IBM . IBM Tivoli Identity Manager Product manuals . Tivoli Software Information Center IBM Software Support Guide Java Unix . Windows $variable %variable% \ . Windows bash Tivoli Access Manager Tivoli Access Manager Policy Third-party Tivoli Access Manager WebLogicPolicy IBM Tivoli Access Manager BEA WebLogic Server Jaas Jaas Tivoli Access Manager Security Service Provider InterfaceWebLogic Management BeanMBean WebLogic . WebLogic Policy BEA WebLogic Server WebLogicPDPermission MBean WebLogic . WebLogic Policy Policy WebLogic J2EE Tivoli Access Manager WebSEAL Ssouser 23 WebSEAL , , RSA SecureIDWebSEAL URL , WebSEAL WebLogic WebSEAL ssouser WebLogic BEA WebLogic Server JLog BEA WebLogic Server Tivoli Access Manager Authorization Server IBM Tivoli Access Manager for e-business BEA WebLogic Server Copyright IBM Corp 64MB RAM Tivoli Access Manager Tivoli Access Manager Policy ServerTivoli Access Manager Authorization Server Authorization Server BEA WebLogic Server BEA WebLogic Server startWebLogic Tivoli Access Manager Java Windows Amwlsinstalldir/lib InstallamwlsInstallamwls 32 5 BEA WebLogic Server AIX HP-UX Solaris Windows Root Tivoli Access ManagerAIX AIX Root Tivoli Access Manager Pfsmountd pfsd Pfsmount CD HP-UX Swinstall Solaris InstallShield InstallShield 23Administrator Windows Tivoli Access Manager Windows \amwlsinstalldir\lib IBM Tivoli Access Manager for e-business BEA WebLogic Server Tivoli Access Manager Java Runtime Environment WebLogic . Java Runtime Pdjrtecfg Sun v1.4d JRE , pdjrtecfg Pdconfig JREJDK Solaris, HP-UX Java Classpath WebLogic StartWebLogic Classpath StartWebLogic ClasspathStartWebLogic WebLogic . startWebLogic StartWebLogic BEA WebLogic Server BEA WebLogic BEA WebLogic Tivoli Access Manager for WebLogic53 a Config AMWLSConsoleExtensions BEA WebLogic Server Tivoli Access Manager for WebLogic AMSSPIConfigure Console Extension Web Application Tivoli Access Manager WebLogic URL SSO Access ManagerAMSSPIConfigure Createrealm Rbpf.properties 53 a Tivoli Access Manager BEA WebLogic Server WebSEAL IBM Tivoli Access ManagerSsopwd WebSEAL Pdadmin WebSEAL WebSEAL Plug-ininstalldir/etc pdwebpi.conf Tivoli Access Manager Plug-in for Web ServersPdadmin Junction URL Ssouser BEA WebLogic Server Tivoli Access Manager for WebLogicBA add-hdr supply-password BA Page IBM Tivoli Access Manager for e-business BEA WebLogic Server Tivoli Access Manager WebSEAL Dummy WebSEAL ID user-1 Ws-passwd WebSEAL 44 3 policy Tivoli Access Manager Authorization ServerTivoli Access Manager Path Aznapi-entitlement-servicesBEA WebLogic Server Access Manager True WebSEAL EJB Web.xml Servlet ServletRole Ejb-jar.xml GetBalance EJBRole EAR AMWLSinstalldir/demo BEA WebLogic ServerDoPost ServletRole GetBalance Banker1 Banker1 Banker BankMembersServlet Servlet BankMembersEJB WebSEAL URL Policy WebLogic Tivoli Access ManagerPolicy Policy pdadmin policy Policy Ldap Web Portal Manager Ldap . , Ldap Pdadmin Ldap 63 B AMWLSConfigure Amsspidir WebLogic Servlet WebLogic Server Active Directory administratorsWebLogic BEA WebLogic Server BEA WebLogic Active Directory Administrator Certificate.war Administrator Solaris Windows AIX HP-UX Tivoli Access Manager IBM Tivoli AccessSolaris Root Windows Access Manager for WebLogic Application ServerTivoli Access Manager IBM Tivoli Access Manager AIX HP-UX Swremove IBM Tivoli Access Manager for e-business BEA WebLogic Server Wlsrealmname BEA WebLogic Server Config createrealm .in ACL Tivoli Access ManagerAmsspi.properties BEA WebLogic Server Sspi Com.tivoli.amwls.sspi.config.OperatorGroupProp Com.tivoli.amwls.sspi.config.DeployerGroupPropCom.tivoli.amwls.sspi.config.MonitorGroupProp Com.tivoli.amwls.sspi.config.AdminGroupProp Rbpf.properties Com.tivoli.pd.as.rbpf.ProductId Com.tivoli.pd.as.cache.EnableDynamicRoleCachingCom.tivoli.pd.as.rbpf.PosRoot Com.tivoli.pd.as.rbpf.AMActionGroup Com.tivoli.pd.as.cache.StaticRoleCache Com.tivoli.pd.as.cache.EnableStaticRoleCachingCom.tivoli.pd.as.cache.EnableObjectCaching Com.tivoli.pd.as.cache.StaticRoleCache.Roles Com.tivoli.pd.as.rbpf.ExcludedRoles Com.tivoli.pd.as.rbpf.GrantUnprotectedAccessCom.tivoli.pd.as.cache.ObjectCache.MaxResources Com.tivoli.pd.as.rbpf.CopyParentRole Com.tivoli.pd.as.rbpf.UseEntitlements Com.tivoli.pd.as.rbpf.IgnorePasswordPolicyOnUserCreateCom.tivoli.pd.as.rbpf.PropagateChildRole Com.tivoli.pd.as.rbpf.EntitlementsUser Amwlsjlog.properties Amwlsjlog.properties IsLogging BaseGroup traceLogger baseGroup messageLogger True True false IBM Tivoli Access Manager for e-business BEA WebLogic Server Copyright IBM Corp AMWLSConfigure -action config Verbose truefalse Remoteacluser remoteacluserSecmasterpwd secmasterpwd True . false AMWLSConfigure -action unconfig WLS AMWLSConfigure -action createrealmSsoenabled truefalse False Ssopwd ssopwd IBM Tivoli Access Manager Error Message Reference AMWLSConfigure -action deleterealm Registryclean truefalse IBM Tivoli Access Manager for e-business BEA WebLogic Server IBM IBM IBM , IBM467-12 2DBCS IBM 467-12 IBM IBM , IBM Ipla IBM Corporation Unix Open Group IBM Tivoli Access Manager for e-business BEA WebLogic Server Virtual hosting Network-based authentication Protected object. ACL POP Entitlement service ACLAccess Control List PAC privilege attribute certificate service URLUniform Resource Locator IBM Tivoli Access Manager for e-business BEA WebLogic Server Page AIX Page SA30-2210-00