WebSphere Security Courses for WAS 8.5.5.x

WebSphere Application Server – Advanced Security Concepts

  • Have you ever wondered how to install and configure Single Sign On for WebSphere Application Server?
  • Have you ever had trouble enabling Kerberos and SPNEGO?
  • Have you wondered how to automate the creation of a Kerberos, SPNEGO and SSO WAS configuration?
  • Would you like to know how to create a Kerberos Key Distribution Centre?
  • Learn how to use Microsoft Active Directory tools to help test and verify your Kerberos-based SSO solution.
  • Like to know key tools from the Windows Resource kit, and Java, which can be used to help with Kerberos and SPNEGO debugging?

The WebSphere Application Server 8.5.5.x – Advanced Security Concepts course provides the student with a detailed example-based guide which takes the student through how to configure Global Security for a Standalone Repository for the express purpose of connecting WAS to Microsoft AD, and enabling Full Single Sign on. This course covers how to set up Windows 2012 Server as a Primary Domain Controller and enabled a Windows 8.1 workstation as part of the full-enabling and testing of a fully functioning SSO solution. Included in this course are Jython and shell scripts and even a Java Web Application that is used to prove that SSO is indeed working as intended. This course is a first on the internet and nothing has been done like this before. 

The course contents covers a topic that has previously only ever been known by experienced WebSphere Application Consultant working in large corporate enterprises. This type of course will impart to you the knowledge and give you that much needed edge as a WAS professional.

The course provides over 150 pages of information covering the following topics and more:

  • BENEFITS OF USING KERBEROS
  • GLOSSARY OF TERMS
  • HOW KERBEROS WORKS
  • SETTING UP KERBEROS USING MICROSOFT ACTIVE DIRECTORY
  • MICROSOFT KERBEROS KDC
  • CREATING A DOMAIN NAME SYSTEM (DNS) SERVER
  • PROMOTING THE WIN2012 SERVER TO BECOME A DOMAIN CONTROLLER
  • CREATING A DNS SERVER
  • THE MICROSOFT KERBEROS KDC
  • INSTALLING THE KDC (KEY DISTRIBUTION SERVICE)
  • CREATING A KERBEROS SERVICE PRINCIPAL NAME
  • – Creating an SPN (SERVICE PRINCIPAL NAME)
  • – Configuring an SPN for WAS
  • CREATING A KEYTAB FILE
  • – Using ktpass to generate the keytab file
  • – Other Possible examples
  • CONFIGURING SINGLE SIGN ON WAS USING SPENGO
  • OVERVIEW OF THE SCENARIO
  • SPNEGO AND WINDOWS SSO SCENARIO STEPS
  • JOINING THE WORKSTATION TO THE DOMAIN
  • – Process to create a KKDC Domain user in AD
  • – Process to Join the lab workstation to the KKDC domain
  • CONFIGURING THE CRYPTO SYSTEM FOR AN AD USER
  • CONFIGURING WAS AND PREPARING AD AS A USER REGISTRY
  • – Creating a WAS Cell
  • – Configuring WAS for SSO
  • LDAP settings
  • CONFIGURING THE SPNEGO WEB AUTHENTICATION IN WAS
  • CREATING A SERVER TO WHICH WE WILL DEPLOY AN APPLICATION
  • ENABLING APPLICATION SECURITY
  • CREATING A VIRTUAL HOST DEFINITION
  • DEPLOYING THE APPLICATION
  • TESTING THE APPLICATION
  • ENABLING WINDOWS AUTHENTICATION IN INTERNET EXPLORER (IE)
  • USING OTHER BROWSERS
  • USING KERBTRAY.EXE
  • TROUBLESHOOTING KEYTAB FILES
  • – Debugging problems with keytab files
  • – Using klist on a Windows workstation
  • – Using Kinit on a Windows Server

 

Duration: 3-5 Days Self Study
Audience:

  • Experienced JEE Developers and Administrators having good experience with WebSphere Application Servers.
  • People looking to upgrade their skills as a  WebSphere Application Server administrator, and understand how configure Kerberos security for WAS environments where Microsoft AD is used for Single Sign On.

Requirements:
Basic knowledge of Linux/Windows commands is expected. Prior experience in administering WebSphere Application Server version 6.1-8.x servers is expected, as is basic shell-scripting and Jython understanding, and a good knowledge of Microsoft Windows Server concepts.

WAS 8.5.5.x Advanced Security Concepts
WAS 8.5.5.x Advanced Security Concepts
The example in this document is focused around how to configure Kerberos, SPENGO and Single Sign-On.
Price: $199.99
Price: $29.95

WebSphere Application Server 8.5.5.x – Essential Security Concepts

  • Have you ever wondered how to install and configure a federated repository (LDAP and internal file-based repository)?
  • Have you ever had trouble creating a custom stand-alone LDAP configuration?
  • Have you wondered how to automate the creation of a LDAP configuration using Jython scripting?
  • Would you like to know how to configure SSL for IBM HTTP Server?
  • Learn how to use your own self-signed certificates with an internal Certificate Authority
  • Like to know how to automate SSL Certificate Management?

The WebSphere Application Server 8.5.5.x – Essential Security Concepts course provides the student with a detailed example-based guide which takes the student through how to configure Global Security for Federated Repositories. This course also covers how to set up IHS administration and other Global security insights, along with SSL management sercrets often not addressed in most WAS courses. Jython scripts are also provided to automate the configuration of LDAP use in Global Security.

The course has been written by Steve Robinson who is a well known internationally acclaimed WebSphere Consultant and the author of several published WebSphere related books.

The course provides over 250 pages of information covering the following topics and more:

  • JEE Security
  • Global Security
  • An Unsecured Console
  • Turning On Global Security
  • Security Configuration Wizard
  • Virtual Member Manager
  • Role Management
  • Administrative Roles
  • Disabling Global Security
  • Setting The Internal Repository Using Scripting
  • Adding Ldap To A Federated Repository
  • Federated Repositories Recap
  • Apacheds
  • Installing Apacheds
  • Install Apache Directory Studio
  • Adding A New Partition
  • Importing An Ldif File
  • Ldap Security Settings
  • Wimconfig.xml
  • Changing The OU For Ldap Bind
  • Looking at User Groups
  • Standalone Ldap
  • Configuring The Standalone Ldap Server
  • Testing The Connection
  • Review Of Security.Xml
  • Starting The Administrative Server
  • Permissions
  • Starting And Stopping IBM HTTP Server
  • Starting And Stopping IBM Administration Server
  • Creating A Web Server In WAS Admin Console
  • Testing A Connection From WAS Console To IBM Administration Server
  • Configuring Web Servers In WAS Admin Console
  • Generating the plugin-cfg.xml File
  • Propagating the plugin-cfg.xml File
  • Configure IBM HTTP Server to load the Plugin Module
  • Verify Default application Targets
  • Configuring SSLFor Communication
  • Creating a Self-Signed Digital Certificate
  • Adding SSL To The IHS Virtual Host Configuration
  • Propagating Keyring File From WAS To Web Server
  • Configuring Virtual Hosts
  • Automating Self-Signed Certificates
  • Creating a New Key Database
  • Setting The Database Password
  • Registering A Key Database With The Server
  • Creating A Self-Signed Certificate
  • Managing Certificate Signing From A Certificate Authority
  • Basic SSLOverview
  • Digital Certificates
  • Objective
  • Install OpenSSL
  • Create A CSRUsing Ikeyman Tool
  • Using gskcmd Utility To Create A New Keyring Database To Store A CSR
  • Verifying a Certificate Request via Command-Line
  • Verifying a Certificate Request Using Ikeyman
  • Listing Available Signers
  • Create a New CA
  • Signing The CSR Using The New CA
  • Check The CSR Using OpenSSL
  • Receive The Signed Certificate Into The Key Database Using Command-Line
  • Receive The Signed Certificate Into The Key Database Using Gui
  • Configure IBM HTTP Server With A Certificated Signed By A CA
  • Adding The CA’s Certificate To The Key Database
  • Firefox Example Error
  • Internet Explorer Example Error
  • Adding CA’s Certificate To The Browsers Trust Key Store/Database
  • Configure /etc/hosts File
  • Automating Web Server Definitions
  • Understanding The Plugin-Cfg.Xml File
  • Appendix A: Additional Information On OpenSSL Tool
  • Appendix B: Creating A Key Pair Using OpenSSL
  • Generate a Private Key
  • Generate a Public Key
  • Create A New CA Using Ca.Pl (CA Script)

 

Duration: 3-5 Days Self Study
Audience:

  • Experienced JEE Developers and Administrators having good experience with WebSphere Application Servers.
  • People looking to upgrade their skills to use the WebSphere Application Server and configure LDAP and other forms of user-registries and fully understand how configure security for WAS environments

Requirements:
Basic knowledge of Linux/Windows commands is expected. Prior experience in administering WebSphere Application Server version 6.1-8.x servers is expected, as is basic shell-scripting and Jython understanding.

WAS 8.5.5.x Essential Security Concepts
WAS 8.5.5.x Essential Security Concepts
The example in this document is focused around how to enable federated repositories using LDAP, and other Global Security essential concepts.
Price: $199.99
Price: $29.99

Note: These two courses are part of the $299 special deal because the were released before December 2015.

Note: Once you have paid and registered, you will gain instant access to download your course materials.