Prompted For Login Twice When Using WebSeal® Trust Associations

Technote (FAQ)
Problem
When WebSphereŽ Application Server is setup to use WebSeal for Trust Associations, WebSeal must be configured properly in the webseal.properties, webseal36.properties and the trustedservers.properties files.
Cause
Properties are not configured properly in xml configuration files.
Solution
The following properties must be set in the webseal.properties or webseal36.properties file:
    com.ibm.websphere.security.webseal.id=iv-user
    com.ibm.websphere.security.webseal.loginId=<trust user>

The second prompt to login is to create the trust association. The servers involved in the trust association must also be listed in the trustedservers.properties file.

You will see the following in the trace files during startup if their is a trust association is being used:

    [12/10/03 7:46:31:138 CST] 436af4fa TrustAssociat A Class

    com.ibm.ws.security.web.WebSealTrustAssociationInterceptor was loaded successfully. [12/10/03 7:46:31:173 CST] 436af4fa TrustAssociat A Interceptor signature: WebSeal Interceptor Version 1.1

    [12/10/03 7:46:31:447 CST] 436af4fa TrustAssociat A SECJ0120A: Trust Association Init loaded 1 interceptor(s)


The property files are in the <WAS_HOME>/properties directory.











Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Security
Operating system(s): Multi-Platform
Software version: 3.5, 4.0, 5.0, 5.1, 6.0
Software edition: Edition Independent
Reference #: 1175737
IBM Group: Software Group
Modified date: 2005-01-20