About this book

This book describes the features in EAServer with which you can define the security characteristics of client/server communications.

Audience

Use this document if you are responsible for creating or deploying secure components, applications, and Web applications, or for defining secure EAServer listeners with which clients communicate.

How to use this book

Use this document to understand EAServer security.

The contents of this book are:

Chapter 1, “Security Concepts” – provides an overview of security terms and concepts and describes how to meet the challenge of protecting server resources.
Chapter 2, “Securing Component Access” – describes how to authenticate base clients, other components, or servlets and JSPs. Also describes how to pass credentials from EJBs and servlets between servers.
Chapter 3, “Using Web Application Security” – Describes how to secure Web applications and the resources contained within Web applications.
Chapter 4, “Securing TDS Client Access” – describes how TDS and MASP clients can securely communicate with EAServer.
Chapter 5, “Using SSL in Java Clients” – describes how to use SSL in Java clients.
Chapter 6, “Using SSL in C++ Clients” – describes how to use SSL in C++ clients.
Chapter 7, “Using SSL in PowerBuilder Clients” – describes how to use SSL in PowerBuilder® clients.
Chapter 8, “Using SSL in ActiveX Clients” – describes how to use SSL in ActiveX clients.
Chapter 9, “Using TLS and FIPS in EAServer” – describes how to use TLS and FIPS protocols to create secure EAServer connections.
Chapter 10, “Creating and Using Custom Security Components” – describes how to create and implement custom role and service components to meet your specific authentication and authorization needs.
Chapter 11, “Using the JAAS API” – describes how to implement the Java Authentication and Authorization Support (JAAS) module in clients, EAServer, and as connectors to other servers.
Chapter 12, “Deploying Applications Around Proxies and Firewalls” – describes how to deploy applications around firewalls and how to use reverse proxies.
Chapter 13, “Security Configuration Tasks” – describes the major security tasks you perform from EAServer Manager, including:
- Role mapping
- OS-based authentication
- Defining security profiles that use SSL
- Assigning security profiles to EAServer listeners
Chapter 14, “Managing Keys and Certificates” – describes how to manage all aspects of SSL keys and certificates.
Chapter 15, “Entrust PKI Integration” – describes how to use the Entrust public-key infrastructure (PKI) for secure client/server communication.
Chapter 16, “Tutorial: Using SSL” – steps you through the process of using SSL in a browser and EAServer for secure communication.

Conventions

The formatting conventions used in this manual are:

Formatting example	To indicate
commands and methods	When used in descriptive text, this font indicates keywords such as: Command names used in descriptive text C++ and Java method or class names used in descriptive text Java package names used in descriptive text Property names in the raw format, as when using jagtool to configure applications rather than EAServer Manager
variable, package, or component	Italic font indicates: Program variables, such as myCounter Parts of input text that must be substituted, for example: Server.log File names Names of components, EAServer packages, and other entities that are registered in the EAServer naming service
File \| Save	Menu names and menu items are displayed in plain text. The vertical bar shows you how to navigate menu selections. For example, File \| Save indicates “select Save from the File menu.”
`package 1`	Monospace font indicates: Information that you enter in EAServer Manager, a command line, or as program text Example program fragments Example output fragments

Related documents

Core EAServer documentation The core EAServer documents are available in HTML format in your EAServer software installation, and in PDF and DynaText format on the Technical Library CD.

What’s New in EAServer summarizes new functionality in this version.

The EAServer Cookbook contains tutorials and explains how to use the sample applications included with your EAServer software.

The EAServer Feature Guide explains application server concepts and architecture, such as supported component models, network protocols, server-managed transactions, and Web applications.

The EAServer System Administration Guide explains how to:

Start the preconfigured Jaguar server and manage it with the EAServer Manager plug-in for Sybase Central™
Create, configure, and start new application servers
Define connection caches
Create clusters of application servers to host load-balanced and highly available components and Web applications
Monitor servers and application components
Automate administration and monitoring tasks with jagtool

The EAServer Programmer’s Guide explains how to:

Create, deploy, and configure components and component-based applications
Create, deploy, and configure Web applications, Java servlets, and JavaServer Pages
Use the industry-standard CORBA and Java APIs supported by EAServer

The EAServer Web Services Toolkit User’s Guide describes Web services support in EAServer, including:

Support for standard Web services protocols such as Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), and Uniform Description, Discovery, and Integration (UDDI)
Administration tools for deployment and creation of new Web services, WSDL document creation, UDDI registration, and SOAP management

The EAServer Performance and Tuning Guide describes how to tune your server and application settings for best performance.

The EAServer API Reference Manual contains reference pages for proprietary EAServer Java classes, ActiveX interfaces, and C routines.

The EAServer Troubleshooting Guide describes procedures for troubleshooting problems that EAServer users may encounter. This document is available only online; see the EAServer Troubleshooting Guide.

Message Bridge for Java™ Message Bridge for Java simplifies the parsing and formatting of structured documents in Java applications. Message Bridge allows you to define structures in XML or other formats, and generates Java classes to parse and build documents and messages that follow the format. The Message Bridge for Java User's Guide describes how to use the Message Bridge tools and runtime APIs. This document is included in PDF and DynaText format on your EAServer Technical Library CD.

Adaptive Server Anywhere documents EAServer includes a limited-license version of Adaptive Server Anywhere for use in running the samples and tutorials included with EAServer. Adaptive Server Anywhere documents are available on the Sybase Web site.

jConnect for JDBC documents EAServer includes the jConnect™ for JDBC™ driver to allow JDBC access to Sybase database servers and gateways. The Programmer’s Reference jConnect for JDBC is available on the Sybase Web site.

Other sources of information

Use the Sybase Getting Started CD, the SyBooks CD, and the Sybase Product Manuals Web site to learn more about your product:

The Getting Started CD contains release bulletins and installation guides in PDF format, and may also contain other documents or updated information not included on the SyBooks CD. It is included with your software. To read or print documents on the Getting Started CD, you need Adobe Acrobat Reader, which you can download at no charge from the Adobe Web site using a link provided on the CD.
The SyBooks CD contains product manuals and is included with your software. The Eclipse-based SyBooks browser allows you to access the manuals in an easy-to-use, HTML-based format.

Some documentation may be provided in PDF format, which you can access through the PDF directory on the SyBooks CD. To read or print the PDF files, you need Adobe Acrobat Reader.

Refer to the SyBooks Installation Guide on the Getting Started CD, or the README.txt file on the SyBooks CD for instructions on installing and starting SyBooks.
The Sybase Product Manuals Web site is an online version of the SyBooks CD that you can access using a standard Web browser. In addition to product manuals, you will find links to EBFs/Maintenance, Technical Documents, Case Management, Solved Cases, newsgroups, and the Sybase Developer Network.

To access the Sybase Product Manuals Web site, go to Product Manuals.

Sybase certifications on the Web

Technical documentation at the Sybase Web site is updated frequently.

Finding the latest information on product certifications

Point your Web browser to Technical Documents.
Select Products from the navigation bar on the left.
Select a product name from the product list and click Go.
Select the Certification Report filter, specify a time frame, and click Go.
Click a Certification Report title to display the report.

Creating a personalized view of the Sybase Web site (including support pages)

Set up a MySybase profile. MySybase is a free service that allows you to create a personalized view of Sybase Web pages.

Point your Web browser to Technical Documents.
Click MySybase and create a MySybase profile.

Sybase EBFs and software maintenance

Finding the latest information on EBFs and software maintenance

Point your Web browser to the Sybase Support Page.
Select EBFs/Maintenance. If prompted, enter your MySybase user name and password.
Select a product.
Specify a time frame and click Go. A list of EBF/Maintenance releases is displayed.

Padlock icons indicate that you do not have download authorization for certain EBF/Maintenance releases because you are not registered as a Technical Support Contact. If you have not registered, but have valid information provided by your Sybase representative or through your support contract, click Edit Roles to add the “Technical Support Contact” role to your MySybase profile.
Click the Info icon to display the EBF/Maintenance report, or click the product description to download the software.

Accessibility features

EAServer has been tested for compliance with U.S. government Section 508 Accessibility requirements. The online help for this product is also provided in HTML, JavaHelp, and Eclipse help formats, which you can navigate using a screen reader.

EAServer Manager supports working without a mouse. For more information, see “Keyboard navigation” in Chapter 2, “Sybase Central Overview,” in the EAServer System Administration Guide.

The WST plug-in for Eclipse supports accessibility features for those that cannot use a mouse, are visually impaired or have other special needs. For information about these features refer to Eclipse help:

Start Eclipse
Select Help | Help Contents
Enter Accessibility in the Search dialog box
Select Accessible user interfaces or Accessibility features for Eclipse

You might need to configure your accessibility tool for optimal use. Some screen readers pronounce text based on its case; for example, they pronounce ALL UPPERCASE TEXT as initials, and MixedCase Text as words. You might find it helpful to configure your tool to announce syntax conventions. Consult the documentation for your tool.

For additional information about how Sybase supports accessibility, see Sybase Accessibility. The Sybase Accessibility site includes links to information on Section 508 and W3C standards.

If you need help

Each Sybase installation that has purchased a support contract has one or more designated people who are authorized to contact Sybase Technical Support. If you cannot resolve a problem using the manuals or online help, please have the designated person contact Sybase Technical Support or the Sybase subsidiary in your area.

View this book as PDF