Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
2 replies Latest Post - ‏2013-02-04T14:37:40Z by SystemAdmin
SystemAdmin
SystemAdmin
2327 Posts
ACCEPTED ANSWER

Pinned topic Regarding Implementation of WebSphere LTPA Based Authentication

‏2013-01-29T16:26:14Z |
Hi,

Just wanted some help regarding LTPA based authentication.

Below is my working environment:
WL Studio 5.0.5 - Enterprise Edition on Win7
WL Server 5.0.5 - Enterprise Edition on Red Hat Enterprise Linux
(Database - Apache Derby, Application server - WebSphere® Application Server Liberty Profile)

I am trying to make a webservice call which is hosted on a Web Server behind Web SSO.
I want to go with Option 2 of LTPA authentication.

Query:
I am stuck in the first step, as to how to enable security mentioned in Step 1 when I am using the above mentioned environment Configurations for WebSphere Application Server
Step 1: Enable WebSphere Application Server security

Thanks,
Baxi
As per my understanding, below model states the same:
Client <---> WL Server (http adapter) <---> Web SSO <---> Web Server

So ideally with the LTPA based authentication, it would produ
  • SystemAdmin
    SystemAdmin
    2327 Posts
    ACCEPTED ANSWER

    Re: Regarding Implementation of WebSphere LTPA Based Authentication

    ‏2013-01-30T17:37:19Z  in response to SystemAdmin
    For this step, since you have chosen Option 2, you should not check the checkbox that states "Enable Application Security".

    If you were to check this box, you would be telling WAS that you want security enabled at the WAR level. With option 2, we wish for the user to be able to get past the WAR and to the Worklight app and then they are forced to authenticate. If you enable this box, the user will be forced to authenticate at the WAR level, and then they are allowed to proceed to the Worklight app. The pros and cons for each of these options are described in the pdf.
    • SystemAdmin
      SystemAdmin
      2327 Posts
      ACCEPTED ANSWER

      Re: Regarding Implementation of WebSphere LTPA Based Authentication

      ‏2013-02-04T14:37:40Z  in response to SystemAdmin
      Thanks for info Jeremy!

      Actually I am trying to implement something like below, but receiving the SSO Login page html code (in json format) as response while accessing the protected service:

      Client <----> WL Server (Adapter) <----> Web SSO <------> Web Server (Service hosted)

      How to move ahead so that I should provide the credentials for SSO and access the service apart from setting the LTPA token for future accessing of other protected services from the same web server.

      Thanks

      Baxi