Sun ONE logo      Previous      Contents

Sun ONE Application Server 7 Administrator's Guide to Security

A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z

Index

A

accelerators, hardware  1

AcceptTimeout directive  1

access control  1, 2

databases  1

date restrictions  1

files  1

hostnames  1

IP addresses  1

LDAP directories  1

physical protection  1

programs  1

redirection  1

response when denied  1

restricting server areas  1

setting for a server instance  1

time restrictions  1

turning off  1

users and groups  1

writing custom expressions  1

access control entries (ACEs)  1, 2

access denied message  1

access right  1

delete  1

execute  1

info  1

list  1

read  1

write  1

ACE settings  1

ACL  1

attribute expressions  1

authentication statements  1

authorization statements  1

changing access denied message  1

custom expressions  1

deactivating  1

definition  1

digest authentication  1

file location stored  1

files  1

files, syntax  1

obj.conf, referencing  1, 2

restricting access based on security  1

restricting access based on time of day  1

restricting access for virtual servers  1

restricting access to a directory  1

restricting access to a file type  1

restricting access to a URI  1

restricting access to entire server  1

sample file  1

specifying users and groups  1

type statement  1

user cache  1

user cache directives  1

virtual servers settings  1

ACLCacheLifetime  1

ACLGroupCacheSize  1

aclname  1

ACLUserCacheSize  1

Admin Server

enabling SSL  1

security  1

superuser access  1

trust database  1

administration access, limiting  1

admpw file  1

allow directive  1

APIs

certificate  1, 2

client certificate  1

NSAPI  1

PKCS11  1

attributes

ACLs  1

operators  1

x509v3 certificates  1

auditing  1

auth-db  1, 2

authentication  1, 2

basic  1, 2

client  1, 2

client certificate  1

definition  1

digest  1, 2

host-IP, definition  1

methods  1, 2

pluggable  1

SSL  1, 2

User-Group  1, 2, 3

authentication databases  1, 2, 3

authentication statements, ACL syntax  1

AuthGroupFile directive  1

AuthName directive  1

authorization statements, ACL  1

AuthType directive  1

AuthUserFile directive  1

B

backups  1

Basic authentication method  1

bong-file  1

C

CA

approval process  1

definition  1

trusting  1

types  1

caching files  1

cert7.db  1

certificate chain definition  1

certificates  1, 2

API  1, 2

client authentication  1

client mapping, examples  1

definition  1

installing  1

introduction  1

managing  1

mapping file  1

requesting  1

requesting server certificates  1

root  1

trusting  1

types  1

using the built-in root certificate module  1

x509v3, attributes  1

certmap.conf  1, 2, 3

default properties  1

LDAP searches  1

sample mappings  1

using  1

certSubjectDN attribute  1

channel security  1

check-acl  1

chroot command  1, 2

cipher suites  1

ciphers

definition  1, 2

setting options  1

TLS and SSL3  1

ciphers for Netscape 6.0  1

TLS Rollback (MS IE 5.0, 5.5)  1

CKLs  1

deleting  1

installing  1

cleartext passwords  1

client authentication  1, 2, 3

client certificates

APIs  1

authentication  1

client SSL authentication  1

CmapLdapAttr property  1, 2

configuration files  1

location  1

SSL, setting values  1

CRLs

deleting  1

installing  1

CRLs and CKLs  1

cryptographic module  1, 2, 3

custom expressions for ACLs  1

custom properties  1

D

database

accessing via virtual servers  1

ACLs  1

authentication for virtual servers  1

creating trust  1

firewall protection  1

specifying  1

dayofweek  1

dbswitch.conf  1, 2, 3, 4

dcsuffix  1

declarative security (J2EE)  1

decryption, definition  1, 2

default authentication  1

DELETE  1

delete access  1

denied access message  1

deny directive  1

deployment descriptors  1

DES algorithm  1

digest authentication  1, 2

for ACLs  1

installing plug-n  1

method  1

password  1

digestauth plugin  1

digital signature  1, 2

directives (htaccess)  1

directives (SSL)

SSL3SessionTimeout  1

SSLCacheEntries  1

SSLClientAuthDataLimit  1

SSLClientAuthTimeout  1

SSLSessionTimeout  1

Directory Server, DES algorithm  1

distributed administration  1

DMZ firewall security  1

DNComps property  1

DNS  1, 2

dynamic configuration files  1

E

encryption  1, 2

definition  1, 2

key, definition  1

trust database  1

two-way  1

execute access  1

expressions

attribute operators  1

custom  1

F

FAT file systems, security  1

features

HTTP security  1

J2EE security  1

file type access restriction  1

files  1

access control  1

certmap.conf  1, 2

dbswrtich.conf  1

htaccess  1

init.conf  1

keyfile  1

obj.conf  1

password.conf  1

server.policy  1

server.xml  1

FilterComps property  1

FIPS-140  1

firewalls  1

JDBC  1

ODBC  1

form authentication (J2EE)  1

forms, restricting access to  1

G

general security  1

GET  1

global security parameters  1

good practices  1

groups authentication  1, 2

H

hardware accelerators  1, 2

HEAD  1

hierarchy, ACL authorization statements  1

host names and IP addresses, specifying  1

Host-IP access control  1, 2

htaccess  1, 2

directives  1

files  1

htaccess-register  1

I

INDEX  1

info access  1

init.conf  1, 2, 3, 4, 5

InitFn property  1

inittab  1

instance, setting access control for  1

IP addresses  1

IP addresses and host names, specifying  1

iplanetReversiblePassword  1

iplanetReversiblePasswordobject  1

issuerDN  1

J

J2EE security features  1

J2SE  1

J2SE policy configuration  1

JAAS  1

JDBC for firewalls  1

K

key database password (SSL)  1

key size restriction  1

keyfile for realm  1

key-pair file

introduction  1

securing  1

L

LDAP

authentication  1

authentication databases  1

configuring for SSL  1

providing end-user access  1

using certmap.conf  1

libdigest-plugin.ldif  1

libdigest-plugin.lib  1

libnssckbi.so  1

Library property  1

Limit directive  1

LimitExcept directive  1

list access  1

listener, enabling security  1

M

mapping certificates  1, 2

MKDIR  1

MOVE  1

N

Netscape 6.0 ciphers  1

nonce  1

NSAPI  1

nssckbi.dll  1

NTFS file system password protection  1

O

obj.conf  1, 2, 3

default authentication  1

referencing ACL files  1, 2

ODBC, firewalls  1

operators, attribute expressions  1

order directive  1

P

password.conf  1, 2, 3

passwords  1

changing  1

changing trust database  1

digest authentication  1

guidelines for creating  1

NTFS file system  1

recommended  1

using password.conf  1

PathCheck  1, 2, 3, 4

physical access protection  1

PKCS11

APIs  1

module  1, 2

pluggable authentication (J2EE)  1

plugin

authentication  1

digest authentication  1

digestauth  1

htaccess  1

ports security  1, 2

POST  1

pragma no-cache  1

programmatic security (J2EE)  1

programs, access control  1

properties (custom), creating  1

PROTOCOL_FORBIDDEN  1

public key  1, 2

PUT  1

R

rc.local  1

rdist risk  1

read access  1

realms  1, 2, 3, 4

redirection (access control)  1

remote server administration  1

REQ_ABORTED  1

REQ_NOACTION  1

REQ_PROCEED  1

request-digest  1

require directive  1

resource authentication (J2EE)  1

resource wildcards, list of  1

restricting access

based on security  1

based on time of day  1

to a directory  1

to a file type  1

to a URI  1

to entire server  1

rlogin risk  1

RMDIR  1

RMI/IIOP clients  1

root certificate  1

root directory, redirecting using chroot  1

S

sample files

ACL  1

secret-keysize  1

securing the server machine  1

security

access control  1

certificates  1

ciphers  1

configuration files  1

enabling FIPS-140  1

enabling when creating a new listener  1

FAT file systems  1

features  1

files  1

firewalls  1

general  1

global parameters in init.conf  1

HTTP features  1

J2EE features  1

overview  1, 2

passwords and  1

physical access protection  1

server machine and  1

SSL/TLS encryption  1

Strong Ciphers  1

security domains (realms)  1

Server Application Function (SAF) functions  1

server authentication, definition  1

server machine

securing  1

server, types of CAs  1

server.policy  1

server.xml  1, 2, 3

servers

securing  1

single sign-on (J2EE)  1

SSL  1, 2

authentication  1, 2

authentication method  1

auto startup  1

communication protocol  1

communication with LDAP  1

configuration file directives  1

definition  1

directives  1, 2

enabling  1, 2, 3

key database password  1

password management  1

preventing caching  1

setting values  1

SSL 2.0 limitation  1

SSL/TLS encryption, definition  1

SSL2 protocol  1, 2

SSL3 protocol  1, 2

SSL3SessionTimeout  1

SSLCacheEntries  1

SSLClientAuthDataLimit  1

SSLClientAuthTimeout  1

SSL-enabled servers, auto startup  1

SSLSessionTimeout  1

Strong Ciphers option  1

Sun customer support  1

superuser access  1

syntax, ACL files  1

T

telnet risk  1

testacl  1

time of day access restriction  1

timeofday  1

TLS  1

communication protocol  1

definition  1

enabling  1

protocol  1, 2

Rollback, ciphers (MS IE 5.0, 5.5)  1

TLS and SSL3 ciphers  1

trust database  1

changing password  1

creating  1, 2

trust settings for certificates  1

trusting certificates  1

two-way encryption, ciphers  1

U

UNIX processes precautions  1

UNIX SSL-enabled server  1

unprotected server, protecting  1

URI access restriction  1

URL for SSL-enabled server  1, 2

user authentication (J2EE)  1

user authentication databases  1

user cache, configuring for ACLs  1

User-Group authentication  1, 2, 3

ACL specifying  1

SSL  1

V

verifycert property  1

virtual servers

accessing databases  1

ACLs  1

authentication capability  1

authentication databases  1

controlling access  1

different trusted CAs  1

editing ACL settings  1

multiple certificates  1

security parameters  1

specifying the chroot directory  1

W

Web applications  1

wildcard usage  1, 2

Windows  1

Windows precautions  1

write access  1

X

x509v3 certificates attributes  1




Previous      Contents


Copyright 2003 Sun Microsystems, Inc. All rights reserved.