IBM WebSphere Application Server inter-operates with the previous
product versions. Use this topic to configure this behavior.
Before you begin
Interoperability
is achieved only when the Lightweight Third Party Authentication (LTPA) authentication
mechanism and Lightweight Directory Access Protocol (LDAP) user registry are
used. Credentials derived from Simple WebSphere Authentication Mechanisms
(SWAM) are not forwardable.
Important:
Procedure
-
Enable security with the LTPA authentication mechanism and the LDAP user
registry. Make sure that the same LDAP user registry is shared
by all the product versions.
- Extract and add server certificates into the
server key ring file of the previous version.
- Open the server key ring file using the key management utility
(iKeyman) and extract the server certificate to a file.
- Open the server key ring of the previous product version, using
the key management utility and add the certificate that is extracted from
your current version of WebSphere Application Server.
-
Extract and add trust certificates into the trust key ring file of the
previous product version.
- Open the trust key ring file using the key management utility
and extract the trust certificate to a file.
- Open the trust key ring file of the previous product version
using the key management utility and add the certificate that is extracted
from the product.
- If single sign-on (SSO) is enabled, export
keys from the product and import them into the previous product version.
Note: It is also possible to export keys from some previous product
versions and import them to the current version.
- Verify that the application uses the correct
Java Naming and Directory Interface (JNDI) name.
- Stop and restart all the servers.
- Make sure that the correct naming bootstrap
port is used to perform naming lookup.