You
can map the Kerberos client principal name to the WebSphere user registry
ID for both Simple and Protected GSS-API Negotiation (SPNEGO) web
authentication and Kerberos authentication.
Read the Mapping of
a client Kerberos principal name to the WebSphere® user registry ID article for
more information.
You can optionally map a Kerberos
principal to a System Authorization Facility (SAF) identity on z/OS®.
Last updated: Jun 12, 2013 3:30:53 AM CDT http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v700osgijpa&product=was-nd-mp&topic=tsec_kerb_setup_step4 File name: tsec_kerb_setup_step4.html