ALES Integration Guide

Introduction

Document Scope and Audience

Guide to this Document

Related Documentation

Contact Us!

Securing Web Servers

Overview

Single Sign-On

Constraints and Limitations

Prerequisites

Integration Tasks

Define the Security Providers

Define Web Server Resources in ALES

Define Policies

Authorization Policies

Role Mapping Policies

Distribute the Policies

Set Up and Test the Sample Application

Implementing Web Single Sign-On with ALES Identity Assertion

Securing WebLogic Servers

Securing WebLogic Server Applications

Securing Administrative Access to WebLogic Server

Prerequisites

Integration Tasks

WebLogic 8.1 Security Providers

WebLogic 9.x/10.0 Security Providers

ALES Security Providers Extension

WebLogic Administrative User

WebLogic Server Resources

Policies

Running WebLogic Server as a Service

Setting Up WLS SSM on a WebLogic Cluster

Topology

Steps

Securing Applications Developed Using BEA Workshop for WebLogic

Overview

ALES Annotations Plugin

Integration Tasks

Set Up the ALES Annotations Plug-in

Using ALES Annotations in a WebLogic Bean Class

Create a WebLogic SessionBean

Add ALES Annotations to the WebLogic Bean Class

Add ALES Information to the Project

Export the Policy File from Workshop

Import the Policy File into ALES

Define Policies for the Imported Policy File

ALES Tag Library for Workshop

Prerequisites

ALES Tag Library Tags

Integration Tasks

Add the Tag Library to Workshop

Using ALES Tags in JSP Pages

Define the Policies to Secure JSP Components

Deploy the JSP Application

ALES Tag Library Reference

isAccessAllowed

isAccessNotAllowed

isAccessAllowedQueryResources

getUserRoles

isUserInRole

setSecurityContext

recordEvent

Attribute

Securing AquaLogic Data Services Platform

Overview

Use-Case

Prerequisites

Integration Tasks

Define Security Providers

Enable ALDSP Elements for Access Control

Define ALDSP Identities in ALES

Define ALDSP Resources in ALES

RTLApp Application Resources

ALDSP 2.5 Resources

ALDSP 3.0 Resources

Define Policies for ALDSP

Policies for ALDSP 2.5

Authorization Policies

Role Mapping Policies

Policies for ALDSP 3.0

Authorization Policies

Role Mapping Policies

Distribute Policies

Pre-Processing Data Redaction

Pre-Processing Response Types

Required ALES Response Attributes

Additional Integration Tasks

Post-Processing Data Redaction

ALDSP Security XQuery Functions

ALES Java Methods

Policies Returning Attributes to ALDSP

Defining a Security XQuery Function

Integrating the ALES Java Methods

ALES Security XQuery Function (ALDSP 2.5)

ALES Security XQuery Function (ALDSP 3.0)

Securing WebLogic Portal Applications

Overview

Use-Case Scenario

Constraints and Limitations

Prerequisites

Integration Tasks

Define the Security Providers

Define Portal Identities in ALES

Define Portal Resources in ALES

Realm Resource

Shared Resources

Console Resources

PortalApp Resources

Define Policies

Authorization Policies

Role Mapping Policies

Policies for Visitor Entitlements

Policies for Desktops

Policies for Books

Policies for Pages

Policies for Portlets

Policies for Look and Feel

Policies for Portlets using Instance ID

Storing and Versioning ALES Policy with ALER

Overview

Integration Tasks

Set ALER System Properties for Import and Export

Import the ALES Policy Asset Type into ALER

Manage ALES Policy Assets (ALER Console)

Versioning ALES Assets

Importing/Exporting Policy Data Between ALES and ALER

Export from ALES to ALER

Importing to ALES from ALER

Import/Export Configuration Files for ALER

Securing AquaLogic Service Bus Runtime Resources

Overview

Prerequisites

Initial Configuration

Security Providers

ALSB Resources

ALSB Identities

Policies for ALSB

Authorization Policies

Role Mapping Policies

Distributing Changes

Verifying SSM Configuration Using PerfDBAuditor

Securing ALES Components

Default Objects

Creating a New Admin User

ALES Resources

Administrative Operations

Privileges

Context Attributes

Evaluation Functions

Authorization Queries

Enumerated Types

ALES Identities

Role Mapping Policies

Authorization Policies

Setting Up Application Security Administrators

Establishing a Resource Parent for the Application

Policies for Application-Level Administration

ALES Adapter for Sun Identity Manager

Set Up ALES Resource in Sun Identity Manager

Enable Active Sync for ALES Resource

Using the WebLogic 9.x SSM

Using the Weblogic 8.1 SSM

Set Up Active Sync in Identity Manager