100 lines
7.1 KiB
HTML
100 lines
7.1 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="task" />
|
||
|
<meta name="DC.Title" content="Configure security for iSeries Navigator tasks on the Web" />
|
||
|
<meta name="abstract" content="If you are accessing the iSeries Navigator tasks on the Web interface over an external network, such as the Internet, it is recommended that you connect using a secure HTTP connection. Additionally, if the server hosting the iSeries Navigator Tasks on the Web interface resides outside of a firewall, or if you are managing a secondary system outside of a firewall, it is recommended that you also configure the IBM Toolbox for Java to establish secure socket connections for data access." />
|
||
|
<meta name="description" content="If you are accessing the iSeries Navigator tasks on the Web interface over an external network, such as the Internet, it is recommended that you connect using a secure HTTP connection. Additionally, if the server hosting the iSeries Navigator Tasks on the Web interface resides outside of a firewall, or if you are managing a secondary system outside of a firewall, it is recommended that you also configure the IBM Toolbox for Java to establish secure socket connections for data access." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzatgsetup.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzatgsecurityweb.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzatgsecuritytoolbox.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzatgprereq.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzatgsecurity" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Configure security for iSeries Navigator tasks on the Web</title>
|
||
|
</head>
|
||
|
<body id="rzatgsecurity"><a name="rzatgsecurity"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Configure security for iSeries Navigator tasks on the Web</h1>
|
||
|
<div><p>If you are accessing the iSeries™ Navigator tasks on the Web interface
|
||
|
over an external network, such as the Internet, it is recommended that you
|
||
|
connect using a secure HTTP connection. Additionally, if the server hosting
|
||
|
the iSeries Navigator
|
||
|
Tasks on the Web interface resides outside of a firewall, or if you are managing
|
||
|
a secondary system outside of a firewall, it is recommended that you also
|
||
|
configure the IBM<sup>®</sup> Toolbox
|
||
|
for Java™ to
|
||
|
establish secure socket connections for data access.</p>
|
||
|
<div class="section"><p>It is important to consider the security configuration needed
|
||
|
to adequately ensure protection of sensitive data such as userIDs and passwords.
|
||
|
The iSeries Navigator
|
||
|
tasks on the Web interface can be configured to require secure connections,
|
||
|
not use secure connections, or somewhere in between. As shipped, the iSeries Navigator
|
||
|
tasks on the Web interface is configured to send warning messages to the user
|
||
|
if secure connections are not used. You should evaluate the security needs
|
||
|
for your environment and either change the security configuration for the iSeries Navigator
|
||
|
tasks on the Web interface, or configure secure connections.</p>
|
||
|
<p>There are
|
||
|
two kinds of Secure Socket Layer (SSL) connections that you need to consider
|
||
|
configuring in order to run iSeries Navigator tasks on the Web securely:</p>
|
||
|
</div>
|
||
|
<ol><li><span>The first type of SSL connection is used in a connection between
|
||
|
a Web browser and the iSeries system that is hosting iSeries Navigator
|
||
|
tasks on the Web.</span></li>
|
||
|
<li><span>The second type of SSL connection is used by the iSeries Navigator
|
||
|
tasks on the Web interface to retrieve data from the local iSeries and
|
||
|
any managed secondary systems.</span></li>
|
||
|
</ol>
|
||
|
<div class="section"><p>By default, iSeries Navigator tasks on the Web is configured
|
||
|
to warn users if SSL is not used for all connections. You should evaluate
|
||
|
your security requirements, and do one or both of the following:</p>
|
||
|
<ul><li>Configure and use one or both kinds of SSL connections.</li>
|
||
|
<li>Change the iSeries Navigator
|
||
|
tasks on the Web configuration parameters to treat non-secure connections
|
||
|
differently. Options include making SSL connections required, not required,
|
||
|
not used, or give a warning.</li>
|
||
|
</ul>
|
||
|
<p>See the following topics for more information about each type of connection
|
||
|
and options for using them:</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div>
|
||
|
<ul class="ullinks">
|
||
|
<li class="ulchildlink"><strong><a href="rzatgsecurityweb.htm">Configure Web browser connections to iSeries Navigator tasks on the Web</a></strong><br />
|
||
|
Ensure that iSeries Navigator Tasks on the Web is configured
|
||
|
with the desired behavior for handling SSL or non-secure connections from
|
||
|
browsers. Also, if you want to allow or require browser communications to
|
||
|
run across a secure connection, you will need to configure SSL for the Administration
|
||
|
instance of the HTTP Server.</li>
|
||
|
<li class="ulchildlink"><strong><a href="rzatgsecuritytoolbox.htm">Configure data-retrieval connections to the local system and managed secondary systems</a></strong><br />
|
||
|
Any time iSeries Navigator tasks on the Web retrieves data
|
||
|
from OS/400<sup>®</sup>,
|
||
|
either on the local iSeries or any managed secondary systems, the IBM Toolbox
|
||
|
for Java is
|
||
|
used to create a socket connection for data retrieval.</li>
|
||
|
</ul>
|
||
|
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzatgsetup.htm" title="Working with iSeries Navigator tasks on the Web is easy, but first make sure your HTTP Server Administration instance is running and that you have properly configured security to meet your needs. Also, learn how to grant and limit access to iSeries Navigator with Application Administration.">Set up iSeries Navigator tasks on the Web</a></div>
|
||
|
</div>
|
||
|
<div class="reltasks"><strong>Related tasks</strong><br />
|
||
|
<div><a href="rzatgprereq.htm" title="View this topic for more details on starting the Administration instance. The Administration instance of the HTTP Server must be running on your system in order to connect to the iSeries Navigator tasks on the Web interface.">Set up iSeries Navigator tasks on the Web: Prerequisites</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|