
WA1678 WebSphere Portal 6.0 Security Training and Courseware

This training course introduces students to the security features of WebSphere Portal Server v6.0. During the course, students are introduced to the architecture of WebSphere Portal Server and learn the portal server security model and its integration with external security tools. The course also lists common security vulnerabilities and covers some best practices for reducing those vulnerabilities.

Objectives

• Understand the various WebSphere Portal Components
• Describe Portal Server and Portal Engine Architecture
• Understand the relationship between WAS and WPS
• Understand the various types of security and security policies
• Describe the various types of defense mechanisms such as authentication, authorization, delegation, firewalls and encryption
• Describe a Portal Document Manager
• Learn to configure a PDM portlet
• Learn to assign users and groups to various roles in portal server
• Understand the process of approval workflow
• Understand the various configuration utilities that come with portal server
• Describe the process involved in moving the portal server database (Cloudscape) to DB2 or Oracle.
• Explain the process of enabling security with Member Manager Database
• Enable security with LDAP
• Understand the structure and components of Credential Vault
• Learn to perform Vault Administration
• Understand the need for External Authentication
• Understand the features of Tivoli Access Manager (TAM)
• Describe the security policy in TAM
• Explain the concept of Trust Association Interceptor (TAI) in WebSphere Application Server and its role in integrating with third-party security tools
• List top 10 Internet Security Vulnerabilities for Windows and UNIX
• Understand the Best Practices for Reducing Vulnerabilities
• List the points for Risk Control Checklist and understand Best Practices
• Prepare a security checklist for securing both software and network systems

Topics

 
  • WPS Introduction
  • Security Concepts
  • WP Roles and Authorization
  • WP Security - Authentication
  • Document Manager
  • Configuration Management
  • Implementing Portal Security
  • TAM Implementation with WPS V6.0
  • Risks and Controls in Web and distributed systems

What you will learn

  After completing this course, the student should be able to:
  • Protect pages and portlets based on user role.
  • Configure WebSphere Portal Server v6.0 to use an LDAP user registry.
  • Migrate portal server to use DB2 or Oracle as data storage.
  • Use an external security manager such as Tivoli Access Manager (TAM).

Audience

  The class is designed for students who already know WebSphere Portal Server v6.0 administration.

Prerequisites

  Knowledge of WebSphere Application Server administration. Basic knowledge of WebSphere Portal Server 6.0 administration.

Duration

  3 days

 

Course Outline

1. Introduction to the WebSphere Portal Server

 
  • Topics
  • What is a Portal
  • An Example of A WebSphere Portal Site
  • Benefits of Portal Sites
  • General Portal Architecture
  • The Major Components of Horizontal Portals
  • WebSphere Portal Goals
  • WebSphere Portal Components
  • WebSphere Portal Accessibility
  • WebSphere Portal Packaging
  • WebSphere Portal Requirements
  • A Typical Network Architecture for WebSphere Portal
  • WebSphere Portal Server
  • WebSphere Portal Server Architecture
  • Portal Container
  • Portal Engine Architecture
  • Page Aggregation Modules
  • Portlet
  • JSR-168
  • WebSphere Portal Built-in Portlets
  • Portlet Application
  • Portlet Mode and State
  • WebSphere Portlet Content Publishing (WPCP)
  • Portal Document Manager (PDM)
  • Search Engine
  • WebSphere Portal Information
  • Summary
 

2. Portal Page Hierarchy

 
  • Topics
  • Elements of a Portal Site
  • Screen
  • The Home Screen
  • Screen
  • Page and Label
  • Page/Label Hierarchy
  • URL
  • Theme
  • Skin
  • Skin
  • Putting it all together
  • Creating Pages and Labels
  • Setting Page Properties
  • Layout Of A Page
  • Page Locking
  • Private Page
  • Adding Portlets To A Page
  • Delayed Cleanup Of Deleted Portal Pages
  • Deleting Orphaned Data
  • Creating URL
  • URL Link
  • Behavior Of The Back Button
  • Configuring Anchors
 

3. Security Concepts

 
  • Objectives
  • Security
  • Types of Security
  • Security Policy
  • Security Policy for different types of attack
  • Security Policy - Example
  • Security Functionality
  • Authentication
  • Single Sign-On (SSO)
  • Single Sign-On(SSO)
  • Single Sign On (SSO)
  • Single Sign On (cont.)
  • Authorization
  • Authorization -- Access Control List (ACL)
  • Authorization -- Capability List
  • Delegation
  • Encryption
  • Encoding and Encryption
  • Kerberos
  • Firewalls
  • Features of Firewalls
  • Summary
 

4. Document Manager

 
  • Topics
  • What is Portal Document Manager (PDM)?
  • Productivity Components
  • Creating A Document Library
  • Configuring the PDM Portlet
  • Document library Management
  • PDM Operations
  • Access Control
  • Document Search
  • Approval Workflow
  • Versioning
  • Versioning
  • Versioning
 

5. WebSphere Portal Server Roles and Authorization

 
  • Objectives
  • J2EE Security Goals
  • Roles and Authorization
  • J2EE Authorization Model
  • WebSphere Application Server Authorization Model
  • Authorization - WebSphere Portal Server
  • How Does Authorization Work?
  • Roles
  • Role Membership
  • More on Authorization
  • Resources
  • Common Access Rights
  • Managing Users and Groups
  • User Group Permissions Portlet
  • Resource Permissions Portlet
  • Manage Users and User Groups Portlet
  • Access Control List (ACL)
  • Access Control List (ACL)..
  • Support for J2EE Security Model
  • Summary
 

6. Security

 
  • Topics
  • Key Concepts
  • Authentication
  • Portal User Registry
  • Alternate Security Registries
  • LookAside Enabling
  • The ConfigWizard
  • Using An Alternate Database
  • Enabling Security with LDAP
  • Enable Security With LDAP
  • Single Sign On (SSO)
  • Authorization
  • How Does Authorization Work?
  • Roles
  • Role Membership
  • More on Authorization
  • Resources
  • Common Access Rights
  • Managing Users and Groups
  • Setting Resource Permissions
  • Resource Permissions GUI
  • Enabling SSL
  • Credential Vault
  • Credential
  • Components of Credential Vault
  • Structure of the Credential Vault
  • Slot Scope
  • Credential Access Level
  • Single Sign-on Scenario
  • Vault Administration
  • Vault Administration
 

7. Web Content Management Basics

 
  • Objectives
  • Introduction
  • Key Features
  • Main Components of WCM
  • How Does it Work?
  • Enabling WCM
  • Accessing WCM Authoring Tools
  • Using the WCM Tool
  • Authoring Template
  • Creating Authoring Template
  • Presentation Template
  • Corporate News Presentation Template
  • Presentation Template XML Markup
  • Site and Site Area
  • Example Site and Site Area
  • Content
  • Content Example
  • Creating a Content
  • Security and Workflow of a Content
  • Components
  • Showing a Component from an Authoring Template
  • Rendering Content in a Web Site
  • The Web Content Viewer Portlet
  • Summary
 

8. WCM Security and Workflow

 
  • Objectives
  • Common Security Requirements
  • Where is Security Configured?
  • Super User Access to WCM
  • Setting Library Access
  • Structure Designers
  • Granting Access for a Component
  • Authors
  • Readers
  • Workflow Basics
  • Workflow Example
  • Content Status
  • Content Rejection
  • Basic Steps to Create a Workflow
  • Creating Actions
  • Creating Stages
  • Creating a Workflow
  • Following the Workflow
  • Summary
 

9. Configuration Management

 
  • Objectives
  • Configuration Utilities
  • Configuration Utilities & Security
  • WPSconfig Utility
  • ANT Script File
  • How WPSConfig Uses ANT?
  • More on Properties
  • Property Precedence
  • What Can You Do With WPSConfig?
  • Migrating Database
  • Migrate to DB2
  • Migrate to DB2
  • Migrate to DB2
  • Migrate to Oracle
  • Migrate to Oracle
  • Summary
 

10. WebSphere Portal Security - Authentication

 
  • Topics
  • Web Servers
  • Using an external web server
  • Web Request Processing
  • Plugin Configuration
  • User Registries
  • LDAP Security Basics
  • LDAP Data Structure
  • Example
  • Distinguished Name (DN)
  • DN and RDN Example
  • Searching
  • Public Key Cryptography
  • Cryptography in WebSphere Portal
  • Certificates
  • Authentication
  • Authentication Proxies
  • Trust Association Interceptor
  • TAI Model
  • Lightweight Third Party Authentication (LTPA)
  • Using LTPA
  • Configuring SSO in WebSphere
  • WebSphere SSL Configuration
  • SSL Configuration Repertoire
  • SSL Repertoires
  • Creating an SSL Repertoire
  • Dummy Certificates
  • Key File
  • Trust File
  • Default Key Stores
  • Obtaining a Certificate
  • Generate a Self-Signed Certificate
  • Getting a CA Signed Certificate
  • Specify the Key Store
  • Different SSL Interactions
  • Web Client to Web Server
  • Enable SSL For IBM HTTP Server
  • Web server to WebSphere
  • Web server to WebSphere (cont.)
  • Java Client to WebSphere
  • Summary
 

11. TAM Implementation with WPS V6

 
  • Objectives
  • External Authentication
  • Tivoli Access Manager (TAM)
  • Protected Object Space
  • Security Policy
  • Access Control List (ACL)
  • Access Control List (ACL)..
  • Protected Object Policy (POP)
  • Authorization Rules
  • Implementing security in Tivoli Access Manager
  • Administration Users and Groups
  • Advantages of TAM
  • Tivoli Access Manager
  • Tivoli Access Manager Security Administration
  • Tivoli Access Manager WebSEAL
  • WebSEAL Junction
  • Policy Server
  • TAM - Complete authorization Picture
  • Trust Association Interceptor (TAI)
  • Trust Association Interceptor (TAI) Interfaces
  • Supported TAIs in WPS
  • Trust Association Interceptor (TAI) - Functioning
  • Trust Association Interceptor
  • Using TAI for Single Sign On
  • Summary
 

12. Risks & Controls in Web-based & Distributed Systems

 
  • Objectives
  • SANS Top 10 Internet Security Vulnerabilities for Windows
  • OWASP Top 10 Vulnerabilities
  • Cross Site Scripting
  • Injection Flaws
  • Insecure Remote File Include
  • Insecure Direct Object Reference
  • Cross site Request Forgery
  • Information Leakage and Improper Error Handling
  • Broken Authentication and Session Management
  • Insecure Cryptographic Storage
  • Insecure Communications
  • Failure to Restrict URL Access
  • Risk Control in Web Application Security
  • Vulnerabilities in Authentication
  • Risk Control Checklist
  • Best Practices for Reducing Vulnerabilities
  • Vulnerabilities of Access Control
  • Vulnerability Testing
  • Best Practices for Testing
  • Default Passwords
  • Installing Backdoors
  • HTTP Method Testing
  • File Upload Testing
  • View Page Source
  • Input Validation Checks
  • More Validation Checks
  • Forceful Browsing
  • Risk Control Checklist and Best Practices
  • Vulnerabilities of Sensitive Data Protection
  • Risk Control Checklist and Best Practices
  • Summary of Risks and Risk Control Best Practices
  • Do this now....
  • Summary
 

Appendix A. WebSphere Architecture

 
  • Objectives
  • WebSphere Platform
  • Base Edition
  • Base Edition
  • Other WAS Editions
  • IBM HTTP Server
  • WebSphere Profiles
  • Creating Profiles
  • Benefits of Profiles
  • Product Files Directories
  • Profile Directories
  • Cell/Node/Server
  • Config Directory
  • Web Server Integration
  • Benefit of a Web Server
  • IBM HTTP Server Installation
  • Web Server Plug-in
  • Web Servers in WebSphere
  • Mapping Applications to Web Servers
  • Plug-in Configuration
  • Workload Management (WLM) Basics
  • Role of Network Deployment Software
  • Similarities With Base Edition
  • Differences With Base Edition
  • Network Deployment Cell
  • Deployment Manager and Node Agents
  • Configuration File Synchronization
  • Network Deployment Profiles
  • Federating Nodes
  • Federating an Application Server Profile
  • Federating a Custom Profile
  • Adding Nodes
  • Cluster
  • Vertical Scaling
  • Horizontal Scaling
  • "Mixed" Scaling
  • Reference

We regularly offer classes in these and other cities: Atlanta, Austin, Baltimore, Calgary, Chicago, Cleveland, Dallas, Denver, Detroit, Houston, Jacksonville, Miami, Montreal, New York City, Orlando, Ottawa, Philadelphia, Phoenix, Pittsburgh, Seattle, Toronto, Vancouver, Washington DC.
Attend a public class

  • 03/12/2012 - Calgary - $2,275.00
  • 03/12/2012 - Montreal - $2,275.00
  • 03/19/2012 - Toronto - $2,275.00
  • 03/19/2012 - Ottawa - $2,275.00
  • 04/02/2012 - Montreal - $2,275.00
  • 04/23/2012 - Calgary - $2,275.00
  • 04/23/2012 - Vancouver - $2,275.00
  • 04/30/2012 - Ottawa - $2,275.00
  • 05/07/2012 - Toronto - $2,275.00
  • 06/18/2012 - Vancouver - $2,275.00
  • 06/25/2012 - Toronto - $2,275.00
  • 06/25/2012 - Montreal - $2,275.00
  • 07/16/2012 - Calgary - $2,275.00
  • 07/23/2012 - Ottawa - $2,275.00
