These topics describe the security features of WebSphere Commerce and how to configure these features.

The topics detail WebSphere Commerce security issues and features such as authentication, authorization, and access control policies. The objective of this section is to provide the persons responsible for security at your site (which likely includes a system administrator or WebSphere Commerce site administrator) with a comprehensive set of information to enable them to reliably secure a WebSphere Commerce production site.

The intended audience for this section is the chief security officer or the security administrator for a WebSphere Commerce site.


These topics only cover WebSphere Commerce security issues related to deploying an e-commerce site. Issues relating to vulnerabilities of your operating system are not covered. You should consult your operating system vendor or product information to determine the appropriate measures that you should take to secure your operating system.