About this task
Note: Kerberos authentication mechanism on the
server
side must be done by the system administrator and on the Java client side by end users. The Kerberos
keytab file must to be protected.
You must first ensure
that the KDC is configured. See your Kerberos Administrator and User's
guide for more information.
Avoid trouble: When configuring the
envar file for a z/OS
® KDC,
order the encryption types from most secure to least secure for the
SKDC_TKT_ENCTYPES environment variable. The z/OS KDC prefers to use the encryption types
that are first in the list, from left to right.
gotcha
You must
perform the following steps in order to set up Kerberos as the authentication
mechanism for WebSphere Application
Server.