Installing LANSA on IBM i

How much Web security do I need?

The level of security required will be determined by the type of Web site you are creating. Internet, Intranet and Extranet applications require different levels of security.

Security can be defined at the network, Web Server, Data/Application Server and LANSA levels. For example, you can use firewalls on the network along with user profile and object level security on the IBM i. LANSA for the Web provides an additional three levels of security.

During the initial installation and configuration of LANSA for the Web, you may wish to begin with very basic security requirements. Anonymous user access is recommended when you first install and test LANSA for the Web. Once your system is operating properly, you can enhance the security features used.

Following are some considerations for LANSA for the Web security:

  • LANSA for the Web provides additional security features, on top of the security features provided by the Web serving products.
  • LANSA for the Web allows for anonymous user access. Anonymous access allows a casual visitor to use your Web applications without a user profile. There is a Data/Application Server user profile assigned to this anonymous user. This profile should only have minimal access rights on your Server.
  • By default, LANSA for the Web will install a system for anonymous user access.
  • It is recommended that you start with anonymous user access when you first install, configure and test the LANSA for the Web software. Once you have this level of authentication working properly, you can easily implement partial or full user authentication.
  • If you intend to allow for anonymous user access to your applications, you can also configure LANSA for the Web to enforce user authentication to specific Web applications. Partial or process level authentication allows you to restrict access to a specific set of Web enabled applications while still allowing the anonymous user access to the rest of your Web enabled applications. The casual visitor to your Web site can access the applications which are intended for public access.
  • You may choose to implement the full user authentication model. In this case, a user must enter a valid user profile and password to access any part of your application. Public access will not be allowed to any part of your application.
  • LANSA for the Web supports the use of Secure Sockets Layer (SSL).
    Note: The IBM HTTP Server does not allow the use of SSL when the configuration instance name contains an "@" character. If you require SSL, you cannot use this default configuration. Simply create a new instance.
  • A multi-tier LANSA for the Web installation can also increase your site security so that your Data/Application Server is not directly connected to the Internet.

For more details about LANSA for the Web security, refer to the Task: Configuring LANSA for the Web Security.