IBM Support

Supported Versions of RSA Authentication Agent with WebSEAL

Question & Answer


Question

When configuring WebSEAL to perform RSA Token authentication, WebSEAL requires you to have the RSA ACE/Agent client installed on the system. Which client versions are supported by WebSEAL?

Answer

The WebSEAL documentation for the different versions shows the "minimum" levels supported. For example...

6.0 and 6.1:

    The WebSEAL token authentication process requires the RSA ACE/Agent client, installed and configured on the WebSEAL server machine, to communicate with a remote RSA ACE/server. For Tivoli Access Manager version 6.0, the minimum supported RSA ACE/Agent client version is:
    • 5.6 (Windows)
    • 5.2 (UNIX and Linux)


6.1.1:
    The WebSEAL token authentication process requires the RSA ACE/Agent client, installed and configured on the WebSEAL server machine, to communicate with a remote RSA ACE/server. For Tivoli Access Manager version 6.0, the minimum supported RSA ACE/Agent client version is:
    • 6.1 (Windows®)
    • 5.2 (UNIX®)

    NOTE: The operating system support for the RSA Authentication Agent for UNIX version 5.2 are:
    • Sun Solaris 8 and 9 on UltraSPARC processors
    • IBM® AIX 5L™ v5.1 and 5.2 on PowerPC® and RISC System/6000 processors
    • HP-UX 11i on PA-RISC 2.x processors

7.0:
    The WebSEAL token authentication process requires the RSA ACE/Agent client, installed and configured on the WebSEAL server machine, to communicate with a remote RSA ACE/server. For Security Access Manager, version 7.0, the minimum supported client version is:
    • RSA ACE/Agent 6.1 (Windows)
    • RSA ACE/Agent 5.2 for UNIX or RSA Authentication Agent 6.0 for PAM toolkit (UNIX)


Here are a few clarifications on this documentation to help in figuring out which versions of the client to use.
  • First, when the documentation states that these are the "minimum" supported versions, this means that we will support all newer versions (not just fix levels) of the clients. So for example, if we state support for version 6.1 of the RSA ACE/Agent for Windows, we will also support the user of versions 7.x, 8,x, etc.
  • It is important to confirm with RSA which client versions are supported on your particular operating system and version. The versions we state are minimum versions, so while they may be supported with TAM, they may not be supported by RSA on the newer versions of the OS you're using. Or it's possible that RSA may no longer support your particular OS at all. IBM cannot support a combination which is not supported by RSA.
  • The ISAM 7.0 documentation states that this is the first version to support the use of the RSA Authentication Agent for PAM for UNIX systems instead of the old RSA ACE/Agent for UNIX. Because of this, if you are planning to use any operating system for which RSA only supports the use of the Authentication Agent for PAM instead of the Agent for UNIX, you must be running ISAM 7.0.
[{"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"WebSEAL","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

More support for:
Tivoli Access Manager for e-business

Software version:
All versions

Document number:
226537

Modified date:
16 June 2018

UID

swg21642936

Manage My Notification Subscriptions

Page Feedback