Implementing SPNEGO TAI single sign-on for WebSphere applications with z/OS and Windows Kerberos trusted realms
From the developerWorks archives
Date archived: January 3, 2017 | First published: July 18, 2007
The use of the SPNEGO protocol has been used to implement single sign-on solutions in many organizations where the primary Key Distribution Center (KDC) resides on a Microsoft® Active Directory® domain controller server. This article shows an alternative solution in which authentication happens at the Microsoft domain controller and z/OS® identities are managed through RACF®; a cross realm trust is configured to enable users authenticating to the domain controller access to services on z/OS using native z/OS identities. This content is part of the IBM WebSphere Developer Technical Journal.
This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.