When talking to our enterprise customers we see a number of common challenges in securing business critical applications. As we look across the services provided to the organisation, we see an array of different security solutions – sharing the same common goal, but each independently designed. Some implementations are as a result of acquisitions, some just a result of different projects teams. One thing is clear, the non-standardised approach results in inflexible security solutions - and a significant support and maintenance workload.

Pirean have developed a solution to address this problem, called the WebSphere Standard Login Module. This solution delivers centralised access control for all of your WebSphere applications - flexible enough to support application specific authorisation requirements, multi-level authentication and intelligent workflow based user validation.

Once the application has succeeded in completing the appropriate authentication service, it offers the feature of extracting additional information from a range of sources, such as Active Directory, LDAP Servers or external Databases. This additional data will be associated with the current user’s session and can be used to drive access control decisions and personalisation within the chosen Business Application.

Providing an intuitive web based configuration interface, security components such as two factor authentication become simple building blocks for the security layer that can be quickly rolled out across the application landscape. Delivering two factor authentication for all applications takes the same time as delivering it for one application – it becomes a security layer that is simply plugged-in.

The solution is so simple to control, that the security teams can define the authorisation models and the project teams just pick the layers they want to protect their application and assign weightings to control the order.

In addition, from a compliance perspective the securely signed logs provide a view of access across the WebSphere application estate. Detailing who accessed which application, when they accessed it and from where.

The solution provides a single point of control for security across the entire WebSphere estate.