Security Service Modules (SSMs) are installed on the machines hosting the applications to be secured. An SSM ties the secured application into Oracle Entitlements Server so that all administrative security activities are performed through the Administration Server.
The following out-of-box SSMs are available in this release:
WLS SSM (for WebLogic 9.x/10.x)
WLS 8.1 SSM (for WebLogic 8.1)
Web Server SSM (for Microsoft IIS and Apache Web Server)
Web Service SSM
WebSphere SSM
Oracle SSM
Installation Overview
The primary tasks for installing one or more SSMs is to run the SSM installation program and then perform the enrollment process which sets up secure communication with the Administration Server. The same SSM installer is used to install all out-of-box SSMs.
After installing the SSM and performing the enrollment process, the SSM instance must be created and its initial configuration defined.
Tip:
The term ‘configuration’ is being used broadly here to include initial policies and policy components (resources, identities, etc.) in addition to the SCM, SSM, and security providers.
There are a number of ways by which SSM instances are created and configured:
For the WLS, WLS 8.1, Web Service, and Java SSMs, a utility called the ConfigTool can be used. This tool automates many tasks that must otherwise be performed manually. For more information about the tool and how to use it, see Configuring SSMs Using ConfigTool.
The Websphere, Web Server, Oracle, and custom SSMs involve unique tasks that are described in chapters 5 through 8.
All SSMs can be configured by manually defining the SSM’s configuration and the policies to enforce when securing an application. Detailed instructions are provided in a number of documents, particularly the Policy Manager’s Guide and the help systems for the Administration Console.