
4. Product Configuration

 

The goal of this Implementation Guide is to explain how ClearTrust and SilverStream eXtend Application 
Server 3.75 can be integrated. It explains how to use ClearTrust as a single sign-on product and to secure 
pages and other objects on a SilverStream Application Server. It is assumed that the reader has both 
products up and running and has a working knowledge of them.  This document is not intended to suggest 
optimum installations or configurations. 

 
Integration Overview  

 
The SilverStream Web Server Integration (WSI) module and ClearTrust can be used together on a Web 
server (IIS or iPlanet). When integrated, ClearTrust will provide authentication and authorization services 
at the Web server, and the WSI module will provide the access to the SilverStream Application Server. 
 
Because authentication and authorization take place at the Web server with the ClearTrust service, the 
SilverStream application does not need to know about and check the authorization of every user. Instead, 
it only needs to authenticate and authorize a single user (the user that the WSI module is configured to 
use). The WSI module intercepts the authentication headers that will be forwarded to the SilverStream 
Application Server, and replaces the ClearTrust credentials with the credentials of a single known 
SilverStream user. 
 
The WSI then returns the response. You specify which URLs the WSI module will forward using a 
configuration file that the WSI reads when the Web server starts.  To improve response time, the WSI 
module will reuse socket connections between itself and the SilverStream server. The WSI maintains a 
connection pool to the SilverStream server that reuses these connections as needed.  With the WSI 
module, there is no direct communication between the browser and the SilverStream server: all calls pass 
through the WSI module. 
 

Resource Authorization Process: 

1.  The user sends in a URL request to access a secure application. 
2.  The ClearTrust Web Server Plug-in configured on this Web Server checks with the Authorization 
    Server to see if this resource is protected. 
3.  The ClearTrust Web Server Plug-in then prompts the user to enter his credentials. 
4.  The ClearTrust Web Server Plug-in sends this to the Authorization Server to authenticate and 
    authorize this user. 
5.  If this is a user authorized to access SilverStream resources, the request is then processed by the 
    SilverStream WSI module. 
6.  The SilverStream WSI module forwards the request to the application server host specified in the 
    AgWSI.conf file. It also checks the request for an authentication header and then substitutes the 
    credentials set as defaults in the AgWSI.conf file. 
7.  The SilverStream server then returns the requested URL to ClearTrust and the user is redirected 
    to the appropriate page. 
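
The credential substitution in step 6 can be modelled in a few lines. This is an added sketch, not SilverStream or ClearTrust code: the constants stand in for whatever AgWSI.conf actually holds, and every name, host, path and password below is hypothetical and constructed for the example.

```python
import base64

# Hypothetical stand-ins for settings the WSI reads from AgWSI.conf at start-up;
# the names and values are constructed for this sketch, not real directives.
FORWARD_PREFIXES = ("/SilverStream/",)
BACKEND_HOST = "appserver.example.internal"
SERVICE_USER = "wsi-service"
SERVICE_PASSWORD = "constructed-placeholder"


def basic_auth(user, password):
    """Build an HTTP Basic Authorization header value."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode("ascii")
    return f"Basic {token}"


def forward_request(path, headers):
    """Return (host, path, headers) as sent to the backend, or None when the
    URL is not configured for forwarding and stays on the Web server."""
    if not path.startswith(FORWARD_PREFIXES):
        return None
    # Drop whatever Authorization header the browser sent (any letter case),
    # then attach the single known application-server user's credentials.
    outgoing = {k: v for k, v in headers.items() if k.lower() != "authorization"}
    outgoing["Authorization"] = basic_auth(SERVICE_USER, SERVICE_PASSWORD)
    return BACKEND_HOST, path, outgoing


def backend_identity(headers):
    """User name the application server would see in the forwarded request."""
    token = headers["Authorization"].partition(" ")[2]
    return base64.b64decode(token).decode().split(":", 1)[0]


def demo():
    # Constructed requests from two different end users, already authorized upstream.
    alice = {"Host": "webserver", "authorization": basic_auth("alice", "pw-a")}
    bob = {"Host": "webserver", "Authorization": basic_auth("bob", "pw-b")}
    seen = []
    for hdrs in (alice, bob):
        _, _, out = forward_request("/SilverStream/Pages/index.html", hdrs)
        seen.append(backend_identity(out))
    return seen  # both entries are the service user


if __name__ == "__main__":
    print(demo(), forward_request("/static/logo.gif", {}))
```

Because every forwarded request carries the same identity, application-server logs and permissions cannot distinguish end users; per-user decisions rest entirely on the ClearTrust checks at the Web server.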

 

 


Summary of Contents for SILVERSTREAM 3.75

Page 1: ...lications eXtend Workbench jBroker Web jBroker MQ and jBroker ORB are included with the application server to provide you with the tools and infrastructure you need to build enterprise applications SilverStream s commitment to J2EE and Web Services starts with our involvement in the development of standards and results in your flexible portable future proof applications Product Category Applicatio...

Page 2: ...run the server on a machine not connected to a network Windows 2000 with Service Pack 1 or higher Solaris 2 6 7 or 8 HP UX 11 0 IBM AIX 4 3 3 10 Red Hat Linux 6 2 or 7 1 Minimum RAM memory 128 MB for the server only 256 MB for the server and the Designer on the same machine Minimum disk space 130 MB Display mode 256 colors or higher for machines also running the SilverStream Designer Integration M...

Page 4: ...sword and generate an HTTP authentication header that it will add to every request it forwards to SilverStream server Note You can either use the default SilverStream Administrator username password or create a new SilverStream user which is the recommended method Example AgWSIUser Silverstream user password c AgWSI conf You will need to open this file and configure it specific to your configurati...

Page 5: ...ual Directory continue on to step 6 If not go to step 12 6 Virtual Directory Select New and then Virtual Directory The New Virtual Directory Wizard appears This step ties the virtual directory to the physical directory This step is optional if you install the WSI directly under the IIS physical root directory Step 12 The virtual path is a subdirectory of the IIS Web root directory The WSI can be i...

Page 6: ...K to close the Filter Properties dialog 19 Click Apply in the Default Web Site Properties dialog The WSI module for IIS should appear in the Filter Name list A green arrow to the left of the WSI Filter Name indicates whether or not the filter is enabled 20 Click OK to close the Default Web Site s Properties dialog 21 Close the Internet Service Manager 22 Stop and then restart the World Wide Web Pu...

Page 7: ...ne from a network topology standpoint firewall rules or simply via SilverStream configuration parameters and user group permissions A typical scenario would be to assign Read design time access and Write access to the Developers group Set Permissions access to the Administrators group and Execute access to both the Developers group and the authenticated WSI user defined in AgWSI conf file Also fro...

Page 8: ...es for your the Web Server where the SilverStream Application Server resides define an Application and associated protected URI e g to protect every SilverStream application server resource or protect a single URI e g SilverStream Pages Define a Basic Entitlement or SMART Rule for the user to that application and URI on that web server 7 Open a browser and type in the URI you have protected or any...

Page 9: ... user makes a request for a protected resource that resides on the SilverStream Application server they will be prompted with a Login Screen After the user successfully authenticates they will be directed to the requested page Page 9 ...

Page 10: ...s Deny on protected JSP page URL Method with unentitled user on Method only N A Access Deny on protected JSP page Method only with unentitled user N A Servlet Access Allow on unprotected Servlet Pass Access Allow on protected Servlet URL only with entitled user Pass Access Allow on protected Servlet URL Method with entitled user N A Access Deny on protected Servlet URL Method with entitled user on...

Page 11: ... retention Forms based URI retention does not work correctly when protecting a SilverStream resource due to the interaction between the way the Clear Trust IIS plug in and the SilverStream WSI module work The following is an example of the behavior of requesting a SilverStream resource protected by Clear Trust with forms based URI retention turned on 1 Requested URI http webserver SilverBooksCS ap...
