I'm in the process of formalising an integration with ISAM for Web and ISAM for Mobile where we provide SSO from a Native mobile application into the mobile browser. If this is something you're interested in, please get in contact with me. I'm keen to hear your requirements. This pattern is particularly useful since... Continue Reading →
ISAM for Web – Different login pages per junction
Update 15/05/2015: It would seem that I may have over complicated this, we have a ISAM feature to do this already! 🙂 Apparently since TAM 6.1.1 we can use static management and error page templates per junction, as stated in the following technote: http://www-01.ibm.com/support/docview.wss?uid=swg21587936 So feel free to choose your own adventure! Different people access... Continue Reading →
ISAM for Web – Clickjacking prevention
What is Clickjacking? Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. It... Continue Reading →
ISAM for Web – Sending Security HTTP Headers
Update 5/08/15: In the ISAM 8.0.1.3 Release, we've added a new stanza to the ISAM Reverse Proxy config file. This allows the easy addition of headers to all ISAM responses. [rsp-header-names] # # This stanza is used to define static HTTP headers which will be added # to every HTTP response from the WebSEAL server. ... Continue Reading →