Configuring single sign-on using trust association

This task is performed to enable single sign-on using trust association. Trust association is used to connect reversed proxy servers to the application server.

Before you begin

Note: Use of TAIs for Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) authentication is deprecated in this release. The SPNEGO web authentication panels provide a much easier and less error-prone way to configure SPNEGO.

To establish the trust association for the single sign-on, perform the following steps:

Procedure

  1. From the administrative console for WebSphere® Application Server, click Security > Global security.
  2. From Authentication mechanisms, click Web and SIP security > Trust association.
  3. Select the Enable trust association option.
  4. Under Additional properties, click the Interceptors link.
  5. Click com.ibm.ws.security.web.TAMTrustAssociationInterceptorPlus to use a WebSEAL interceptor, or com.ibm.ws.security.spnego.TrustAssociationInterceptorImpl to use a SPNEGO interceptor.
  6. Under Custom properties, select a custom property to edit or click New to create a new one. Enter the property name and value pairs.
  7. Click OK.
  8. Save the configuration and log out.
  9. Restart WebSphere Application Server.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:17
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tsec_sso_ws_step4_sso_using_TAI_for_WAS
檔名:tsec_sso_ws_step4_sso_using_TAI_for_WAS.html