Compatibility with earlier versions of the product

IBM Security Access Manager V9.0.* is compatible with previous versions of Security Access Manager for Web, Tivoli Access Manager for e-business, and Security Access Manager for Mobile.

The Version 9.0.* policy server can communicate with some previous versions of Security Access Manager for Web, Tivoli Access Manager for e-business, and Security Access Manager for Mobile. The following compatibility with earlier versions is supported:

Policy server compatibility with servers in prior versions
Compatibility with single sign-on targets
Limited compatibility with earlier versions for session management

Policy server compatibility with servers in prior versions

The Version 9.0.* policy server is compatible with prior releases of other servers, as specified in the following table.

Table 1. Compatibility with earlier versions of servers
Compatible servers	Compatible versions
WebSEAL server	Tivoli Access Manager for e-business, Version 6.1.1 and newer Security Access Manager for Web, Version 7.0 and newer
Authorization server
Web plug-ins

Version 9.0.* interfaces are compatible with prior releases of the product, as specified in the following table.

Table 2. Compatibility with earlier versions of interfaces
Version 9.0.* interfaces	Compatible versions
C Administration	Tivoli Access Manager for e-business, Version 6.1 and newer Security Access Manager for Web, Version 7.0 and newer
Java Administration
External Authentication
C Authorization
Java Authorization
Registry Direct	Tivoli Access Manager for e-business, Version 6.1.1 and newer Security Access Manager for Web, Version 7.0 and newer

Compatibility with single sign-on targets

IBM® Security Access Manager maintains compatibility with earlier versions for all single sign-on information that is sent over HTTP to applications behind WebSEAL junctions. Applications that are written to use single sign-on information that is supplied by previous versions of the product can use the same information that is provided by Version 9.0.*.

This compatibility applies to both custom applications and IBM applications such as the Trust Association Interceptor. The Trust Association interface is a service provider API that enables the integration of third-party security service (for example, a reverse proxy) with WebSphere Application Server. Security Access Manager, version 9.0.*, is compatible with all versions of the Trust Association Interceptor.

Limited compatibility with earlier versions of session management

IBM Security Access Manager for Web Version 8.0 introduced the Distributed Session Cache. This component replaces the Session Management Server that was provided in previous releases of the product.

The following limitations apply to deployments that combine IBM Security Access Manager, Version 9.0.* with prior versions, such as IBM Security Access Manager for Web, Version 7.0.0:

You cannot use both the Distributed Session Cache and the Session Management Server in the same deployment.
The IBM Security Access Manager Version 9.0.* WebSEAL server cannot communicate with the Session Management Server.
IBM Security Access Manager for Web Version 7.0.* WebSEAL server can communicate with the Distributed Session Cache in Version 9.0, but only if IBM Security Access Manager for Web Fix Pack 2 (Version 7.0.0.2) or newer is applied.