Home
Administering
Learn how to administer the product.
Administering HCL Compass Web
This section discusses how to administer HCL Compass Web.
Configuring strong authentication with smart cards
Smart card authentication is appropriate for deployments where security requirements dictate stronger authentication than using a HCL Compass user name and password.
Configuring WebSphere® Application Server
Configuring WebSphere® Application Server security to support smart cards includes configuring client authentication, configuring the LDAP registry, configuring the LDAP client certificate filter, configuring the certificate authority, configuring the certificate revocation list, and securing WebSphere Application Server.
Securing WebSphere® Application Server
Securing WebSphere® Application Server consists of securing IBM® HTTP Server (IHS), which is installed with WebSphere Application Server; securing the WebSphere Application Server HTTP plug-in; and securing the WebSphere Application Server environment.

Administering
Learn how to administer the product.
- Administering HCL Compass
  Learn how to administer the HCL Compass.
- Administering HCL Compass Web
  This section discusses how to administer HCL Compass Web.
  - About HCL Compass Web server
    HCL Compass Web server provides server-side support for WAN interfaces to HCL Compass.
  - Configuring HCL Compass Web with the Site Configuration window
    You customize many HCL Compass Web server and application settings by using the Site Configuration window.
  - Customizing security
    HCL Compass Web provides security that affects only the behavior of the HCL Compass Web application.
  - HCL Compass and single sign-on
    You can configure HCL Compass for single sign-on with Lightweight Third-Party Authentication (LTPA), OpenID Connect, and Security Assertion Markup Language 2.0 (SAML2).
  - Configuring strong authentication with smart cards
    Smart card authentication is appropriate for deployments where security requirements dictate stronger authentication than using a HCL Compass user name and password.
    - Prerequisites
      You must complete the following steps before you configure and enable smart card support.
    - Configuring WebSphere® Application Server
      Configuring WebSphere® Application Server security to support smart cards includes configuring client authentication, configuring the LDAP registry, configuring the LDAP client certificate filter, configuring the certificate authority, configuring the certificate revocation list, and securing WebSphere Application Server.
      - Configuring client authentication in WebSphere® Application Server
        Configure WebSphere® Application Server to accept client authentication for SSL connections.
      - Configuring LDAP on WebSphere Application Server
        Configure LDAP on WebSphere® Application Server to allow the appropriate lookup on the LDAP server after the client certificate is read.
      - Configuring the LDAP client certificate filter
        Configure the LDAP client certificate filter.
      - Configuring the certificate authority
        Configuring the certificate authority includes configuring WebSphere® Application Server to support Secure Socket Layer (SSL) client authentication, and adding the signer certificate for your organization to the truststore.
      - Configuring the certificate revocation list
        Certificate revocation lists allow WebSphere® Application Server to revoke a client certificate that is sent by the web browser when the key is compromised or when access permission to the key is revoked.
      - Securing WebSphere® Application Server
        Securing WebSphere® Application Server consists of securing IBM® HTTP Server (IHS), which is installed with WebSphere Application Server; securing the WebSphere Application Server HTTP plug-in; and securing the WebSphere Application Server environment.
    - Configuring HCL Compass Web
      Configuring HCL Compass Web includes configuring client certification authentication, mapping users to LDAP groups, configuring container authentication, and configuring LDAP for HCL Compass databases.
  - HCL Compass Search for administrators
    Administrators can use Compass Search feature to improve the existing full-text search capability.
  - Configuring and maintaining full-text search
    Some administrative tasks are required to configure and maintain the HCL Compass full-text search feature.
  - Configuring and customizing the type-ahead feature
    The type-ahead feature enables users to use a choice-list drop-down as a search field to find and select items in the choice-list. This feature must be configured before it can be used. It can also be customized.
  - Configuring e-mail transports
    You can configure HCL Compass Web to use either the SMTP (Simple Mail Transfer Protocol) or MAPI (Messaging Application Programming Interface) mail transport protocol.
  - Using HCL Compass to prefill OSLC 2.0-linked records
    You can configure HCL Compass to prefill field values when opening the creation dialogs for associated OSLC 2.0 projects. When a creation dialog displays, values for designated fields in the new record are initialized using content from configured fields of the initiating HCL Compass record.
- Administering HCL Compass Multisite
  Administering HCL Compass Multisite

Securing WebSphere® Application Server

Securing WebSphere® Application Server consists of securing IBM® HTTP Server (IHS), which is installed with WebSphere® Application Server; securing the WebSphere® Application Server HTTP plug-in; and securing the WebSphere® Application Server environment.

Procedure

You must secure IBM® HTTP Server and WebSphere® Application Server for client certificate authentication by completing the tasks that are described in section 8.7 of the WebSphere® Application Server V7.0 Security Guide.
Important: If you do not secure IBM® HTTP Server and the WebSphere® Application Server HTTP plug-in, then SSL communication does not function. As a result, the client certificate is not sent to WebSphere® Application Server.
For instructions on securing the WebSphere® Application Server environment, review the article Advanced security hardening in WebSphere® Application Server V7, V8, and V8.5, Part 1: Overview and approach to security hardening in the IBM® WebSphere® Developer Technical Journal.
Restart the WebSphere® Application Server to complete the configuration changes.