Security Administration and Programming Guide

EAServer

This book describes the features in EAServer with which you can define the security characteristics of client/server communications.

Audience

Use this document if you are responsible for creating or deploying secure components, applications, and Web applications, or for defining secure EAServer listeners with which clients communicate.

How to use this book

Use this document to understand EAServer security.

The contents of this book are:

Chapter 1, "Security Concepts" - provides an overview of security terms and concepts and describes how to meet the challenge of protecting server resources.
Chapter 2, "Securing Component Access" - describes how to authenticate base clients, other components, or servlets and JSPs. Also describes how to pass credentials from EJBs and servlets between servers.
Chapter 3, "Configuring Web Application Security" - Describes how to secure Web applications and the resources contained within Web applications.
Chapter 4, "Securing TDS Client Access" - describes how TDS and MASP clients can securely communicate with EAServer.
Chapter 5, "Using SSL in Java Clients" - describes how to use SSL in Java clients.
Chapter 6, "Using SSL in C++ Clients" - describes how to use SSL in C++ clients.
Chapter 7, "Using SSL in ActiveX Clients" - describes how to use SSL in ActiveX clients.
Chapter 8, "Creating Authentication, Role, and Authorization Service Components" - describes how to create and implement custom role and service components to meet your specific authentication and authorization needs.
Chapter 9, "Using the JAAS API" - describes how to implement the Java Authentication and Authorization Support (JAAS) module in clients, EAServer, and as connectors to other servers.
Chapter 10, "Deploying Applications Around Proxies and Firewalls" - describes how to deploy applications around firewalls and how to use reverse proxies.
Chapter 11, "Security Configuration Tasks" - describes the major security tasks you perform from Jaguar Manager, including:
- Role mapping
- OS-based authentication
- Defining security profiles that use SSL
- Assigning security profiles to EAServer listeners
Chapter 12, "Managing Keys and Certificates" - describes how to use Security Manager to manage all aspects of SSL keys and certificates.
Chapter 13, "Entrust PKI Integration" - describes how to use the Entrust public-key infrastructure (PKI) for secure client/server communication.
Chapter 14, "Tutorial: Using SSL" - steps you through the process of using SSL in a browser and EAServer for secure communication.

Conventions

The formatting conventions used in this manual are:

Formatting example	To indicate
commands and methods	When used in descriptive text, this font indicates keywords such as: Command names used in descriptive text. C++ and Java method or class names used in descriptive text. Java package names used in descriptive text.
variable, package, or component	Italic font indicates: Program variables, such as myCounter Parts of input text that must be substituted, for example: Server.log File names Names of components, EAServer packages, and other entities that are registered in the EAServer naming service.
File \| Save	Menu names and menu items are displayed in plain text. The vertical bar shows you how to navigate menu selections. For example, File \| Save indicates "select Save from the File menu."
`package 1`	Monospace font indicates: Information that you enter in Jaguar Manager, a command line, or as program text. Example program fragments. Example output fragments.

Related documents

Core EAServer documentation The core EAServer documents are available in HTML format in your EAServer software installation, and in PDF and DynaText format on the EAServer 4.1.1 Technical Library CD.

The EAServer Installation Guide for your platform explains how to install the EAServer software.

What's New in EAServer 4.1.1 summarizes new functionality in this version.

The EAServer Feature Guide explains application server concepts and architecture, such as components, transactions, and Web applications. This book also explains how to use the optional EAServer products such as:

Message Bridge for Java™
Web Services Toolkit
Application Integrator for CICS, which allows EAServer components to execute CICS programs on a mainframe
Application Integrator for Stored Procedures, which allows you to quickly integrate database stored procedures into component-based applications
Adaptive Server® Anywhere, a full-featured, easy to use, transactional database management system
PowerDynamo™, which you can use for PowerBuilder® Web DataWindow® support

The EAServer Programmer's Guide explains how to:

Create, deploy, and configure components and component-based applications
Create, deploy, and configure Web applications, Java servlets, and JavaServer Pages
Use the industry-standard CORBA and Java APIs supported by EAServer

The EAServer System Administration Guide explains how to:

Start the preconfigured Jaguar server and manage it with the Jaguar Manager plug-in for Sybase Central™
Create, configure, and start new application servers
Define connection caches
Create clusters of application servers to host load-balanced and highly available components and Web applications
Monitor servers and application components
Automate administration and monitoring tasks with command-line tools or the Repository API
Create embedded EAServer installations

The EAServer Cookbook contains tutorials and explains how to use the sample applications included with your EAServer software.

The EAServer API Reference Manual contains reference pages for proprietary EAServer Java classes, ActiveX interfaces, and C routines. This document is available only online.

Message Bridge for Java™ documents Message Bridge for Java simplifies the parsing and formatting of structured documents in Java applications. Message Bridge allows you to define structures in XML or other formats, and generates Java classes to parse and build documents and messages that follow the format. The Message Bridge for Java User's Guide describes how to use the Message Bridge tools and runtime APIs. This document is included in PDF and DynaText format on your EAServer 4.1.1 Technical Library CD.

Web Services Toolkit documents Web Services Toolkit allows you to use standard Web services protocols in EAServer, such as Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), and Uniform Description, Discovery, and Integration (UDDI). The toolkit includes components for runtime support of these protocols, and tools for WSDL document creation, UDDI registration, and SOAP management. The Web Services Toolkit User's Guide describes how to use these features. This document is included in PDF and DynaText format on your EAServer 4.1.1 Technical Library CD.

Localization feature documents EAServer includes optional components to simplify the creation and deployment of localized applications. Documents for these features are provided in PDF and DynaText format on your EAServer 4.1.1 Technical Library CD. These features and documents include:

The Global Sort component, which provides high performance sorting of small to medium length lists and supports multiple alphabets and sort orders. This feature is documented in Using Global Sort.

The locale formatting library (LFL) consists of C++ CORBA components that use the International Components for Unicode (ICU) C++ formatting APIs for formatting dates, times, numbers, and currency. Using the Locale Formatting Library describes how to use these components in your applications.
The XML conversion module (XCM) tool is a high-performance EAServer component development tool that provides encoding verification and character set conversion for XML data. Using the XCM Tool describes how to use this feature.

PowerDynamo documents PowerDynamo documents are available in PDF and DynaText format on the EAServer 4.1.1 Technical Library CD and in HTML format in the PowerDynamo software installation.

Application Integrator documents Application Integrator documents are available in HTML format in your EAServer software installation, and in DynaText and PDF format on the EAServer 4.1.1 Technical Library CD.

Adaptive Server Anywhere documents EAServer includes a limited-license version of Adaptive Server Anywhere 7.0. PowerDynamo requires Adaptive Server Anywhere, as do many of the samples included with your EAServer software. Adaptive Server Anywhere documents are available on the EAServer 4.1.1 Technical Library CD.

jConnect for JDBC documents EAServer includes the jConnect™ for JDBC™ driver to allow JDBC access to Sybase database servers and gateways. The jConnect for JDBC Programmer's Guide is included on the EAServer 4.1.1 Technical Library CD.

Other sources of information

Use the Sybase® Technical Library CD and the Technical Library Product Manuals Web site to learn more about your product:

Technical Library CD contains product manuals and is included with your software. The DynaText browser (downloadable from Product Manuals ) allows you to access technical information about your product in an easy-to-use format.

Refer to the Technical Library Installation Guide in your documentation package for instructions on installing and starting the Technical Library.
Technical Library Product Manuals Web site is an HTML version of the Technical Library CD that you can access using a standard Web browser. In addition to product manuals, you will find links to the Technical Documents Web site (formerly known as Tech Info Library), the Solved Cases page, and Sybase/Powersoft newsgroups.

To access the Technical Library Product Manuals Web site, go to Product Manuals .

Sybase certifications on the Web

Technical documentation at the Sybase Web site is updated frequently.

For the latest information on product certifications

Point your Web browser to Technical Documents .
Select Products from the navigation bar on the left.
Select a product name from the product list.
Select the Certification Report filter, specify a time frame, and click Go.
Click a Certification Report title to display the report.

For the latest information on EBFs and Updates

Point your Web browser to Technical Documents .
Select EBFs/Updates. Enter user name and password information, if prompted (for existing Web accounts) or create a new account (a free service).
Specify a time frame and click Go.
Select a product.
Click an EBF/Update title to display the report.

To create a personalized view of the Sybase Web site (including support pages)

Set up a MySybase profile. MySybase is a free service that allows you to create a personalized view of Sybase Web pages.

Point your Web browser to Technical Documents
Click MySybase and create a MySybase profile.

If you need help

Each Sybase installation that has purchased a support contract has one or more designated people who are authorized to contact Sybase Technical Support. If you cannot resolve a problem using the manuals or online help, please have the designated person contact Sybase Technical Support or the Sybase subsidiary in your area.