Access Manager - Latest
Access Manager - Latest Courses:
The External Authentication Interface (EAI) extends the Reverse Proxy also known as WebSEAL, so that a remote application or service can authenticate Access Manager users.
This lab demonstrates steps to configure IBM Access Access Manager (ISAM) Reverse Proxy to redirect the authentication process to an EAI application. The EAI used in this lab is a simple Perl program test_sso.pl which performs a form-based login using user name and
password. Then, the EAI posts the user identity using HTTP headers to the check_user.pl program which is configured as a trigger URL. The Reverse Proxy uses the HTTP headers posted in the trigger URL to build user credential internally and grant access
to a protected resource.
In this lab, you configure HTTP transformation rules in IBM Security Access Manager (ISAM) to modify HTTP requests and responses passing through the Reverse Proxy junctions.
This lab covers how to configure IBM Security Access Manager (ISAM) to
use the user certificates issued by a trusted Certificate Authority (CA) for the client
certificate-based authentication. The lab also demonstrates the step-up authentication using the client certificate-based authentication.
IBM Access Manager Platform protects web resources using security policies. Each security policy can be defined with a combination of the following controls: Access Control List (ACL) policies, Protected Object Policies (POPs) and Authorization rules.
In this lab, you use ACLs, POPs, and authorization rules to control access to the web content. You first create a junction for IBM HTTP Server (IHS) resources. Then, you apply various security policies to the web resources protected by that junction.
lab demonstrates how to set up the OpenID Connect federation using IBM
Security Access Manager (ISAM) 9.0.7. The lab provides two Access Manager appliances: isam1 and isam2.
The isam1 appliance is used as an OpenID Connect Provider (OP) and the
isam2 appliance acts as a Relying Party (RP). The live mobile demo
application running on the Relying party appliance is used for verifying
the federation capabilities.
In this lab, you will build the reverse proxy junctions and use various options to pass identity information through headers.