Implementing SPNEGO TAI single sign-on for WebSphere applications with z/OS and Windows Kerberos trusted realms

From the developerWorks archives

Ben Rogers and Ut Le

Date archived: January 3, 2017 | First published: July 18, 2007

The use of the SPNEGO protocol has been used to implement single sign-on solutions in many organizations where the primary Key Distribution Center (KDC) resides on a Microsoft® Active Directory® domain controller server. This article shows an alternative solution in which authentication happens at the Microsoft domain controller and z/OS® identities are managed through RACF®; a cross realm trust is configured to enable users authenticating to the domain controller access to services on z/OS using native z/OS identities. This content is part of the IBM WebSphere Developer Technical Journal.

This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.



static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=WebSphere
ArticleID=240797
ArticleTitle=Implementing SPNEGO TAI single sign-on for WebSphere applications with z/OS and Windows Kerberos trusted realms
publish-date=07182007