WebSphere Application Server Version 6.1 Feature Pack for Web Services
             Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

             Personalize the table of contents and search results

Configuring digest authentication and TAI for SIP

You can configure digest authentication and Trust Association Interceptor (TAI) for the Session Initiation Protocol (SIP).

Before you begin

To configure digest authentication and TAI on WebSphere Application Server, you will need to:

About this task

Complete the following procedure to configure digest authentication and TAI on WebSphere Application Server:

Procedure

  1. To set up digest authentication, verify that Lightweight Third Party Authentication (LTPA) is configured for use on your server by selecting Security > Secure administration, applications, and infrastructure > Authentication mechanisms. In the Configuration tab on the Authentication mechanisms and expiration page you should see the Password field already filled in.
  2. In the administrative console, click Security > Secure administration, applications, and infrastructure .
    1. Under Authentication, expand Web security and click on Trust association.
    2. On the Configuration tab, under General properties, make sure the Enable trust association box is checked. Then click Apply.
  3. On the Interceptors page of the administration console look for com.ibm.ws.sip.security.digest.DigestTAI in the Interceptor class name list:
    1. If this class name in not present, click New to open the Configuration tab and enter com.ibm.ws.sip.security.digest.DigestTAI in the Interceptor class name field and click Apply. Then proceed to the following steps.
    2. If this interceptor class is present, you may proceed to set up a realm in digest authentication. To do this, click com.ibm.ws.sip.security.digest.DigestTAI > Custom Properties:
    3. Click OK.
  4. Navigate through Security > Secure administration, applications, and infrastructure > Authentication mechanisms and expirationto the Configuration tab.
    1. In the Key generation section, click Generate Keys. (No import or export of the key is necessary.)
    2. Under the Cross-cell single sign-on section fill in the Password fields.
    3. Fill in the Internal server ID field.
    4. Click OK.
  5. Click to Security > Secure administration, applications, and infrastructure.
    1. If the box Use Java 2 security to restrict application access to local resources is checked, click to deselect it.
    2. In the User account repository section of the page, select your LDAP registry from the Available realm definitions drop-down box.
    3. Click Set as current and then clickApply.
  6. Save all changes.
  7. Restart the server.
  8. Be sure you see the following message appear in the SystemOut.log after the server has restarted:
    SECJ0121I: Trust Association Init class com.ibm.ws.sip.security.digest.DigestTAI loaded successfully
    If this message does not appear in the log, digest authentication has not been activated.



In this information ...


IBM Redbooks, demos, education, and more


Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

IBM Suggests
Task topic    

Terms of Use | Feedback

Last updated: Nov 25, 2008 2:35:59 AM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.wsfep.multiplatform.doc/info/ae/ae/tsip_cfgsecudtai.html