WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.
WebSEAL normally acts as a reverse Web proxy by receiving HTTP/HTTPS requests from a Web browser and delivering content from its own Web server or from junctioned back-end Web application servers. Requests passing through WebSEAL are evaluated by the Tivoli Access Manager authorization service to determine whether the user is authorized to access the requested resource.
WebSEAL provides the following features:
Supports multiple authentication methods Both built-in and plug-in architectures allow flexibility in supporting a variety of authentication mechanisms.
Accepts HTTP and HTTPS requests Integrates and protects back-end server resources through WebSEAL junction technology Manages fine-grained access control for the local and back-end server Web space Supported resources include URLs, URL-based regular expressions, CGI programs, HTML files, Java servlets, and Java class files.
Performs as a reverse Web proxy WebSEAL appears as a Web server to clients and appears as a Web browser to the junctioned back-end servers it is protecting.
Provides single sign-on capabilities
Provides URL Filtering mechanism. This allows relative and Serve relative url manipulation to add/remove junction name from URL using Junction mapping table (JMT).
