Authentication of users
Clients must be authenticated as a user from the user registry when administrative security is enabled. If a client tries to access a secured application without being authenticated, an exception is generated.
Client | Authentication options | Notes |
---|---|---|
Web services clients | You can use WS-Security for authentication | |
Web or HTTP clients |
|
These clients reference JSPs, Servlets,
and HTML documents. When single sign-on is used, a client is asked to provide the user name and password information only once. The provided identity then propagates throughout the system. Single sign-on from Windows to IBM Business Process Manager (for example, to Process Portal) can be achieved using SPNEGO. For more information about single sign-on, refer to Creating a single sign-on for HTTP requests using SPNEGO Web authentication. For more information about integrating with third-party authentication products, see Configuring third-party authentication products. |
Java™ clients | JAAS | |
All clients | SSL client authentication |